Security News > 2024 > July > Dark Web Malware Logs Expose 3,300 Users Linked to Child Abuse Sites

An analysis of information-stealing malware logs published on the dark web has led to the discovery of thousands of consumers of child sexual abuse material, indicating how such information could be used to combat serious crimes.

Distributed via phishing, spam campaigns, cracked software, fake update websites, SEO poisoning, and malvertising, data harvested using such programs typically find their way onto the dark web in the form of stealer logs from where they are purchased by other cybercriminals to further their schemes.

"A complex ecosystem exists in which malware-as-a-service vendors sell info-stealer malware on illicit Telegram channels, threat actors distribute it through fake cracked software or phishing emails, and they then sell infected device logs on specialized dark web marketplaces."

Countries like Brazil, India, and the U.S. had the highest counts of users with credentials to known CSAM communities, although the company said that it could be due to an "Overrepresentation due to dataset sourcing."

"Info-stealer malware and stolen credentials are projected to remain a cornerstone of the cybercriminal economy due to the high demand by threat actors seeking initial access to targets," it said, adding it has shared its findings with law enforcement.

"Info-stealer logs can be used by investigators and law enforcement partners to track child exploitation on the dark web and provide insight into a part of the dark web that is especially difficult to trace."

News URL

https://thehackernews.com/2024/07/dark-web-malware-logs-expose-3300-users.html