12% of all Unique User Data Found in Cyber Crime Marketplaces Belong to Indians: Report


Personally identifiable information of Indians, including passwords, financial information and even cookies stored on a device, forms at least 12% of all unique user data found in cyber crime marketplaces, according to a report by Panama-based virtual private network (VPN), NordVPN released Thursday.

Indian User Data Forms Majority in Stolen Data Marketplaces: Report

The personally identifiable information can be purchased from these marketplaces for less than Rs 500, the report said. Dubbed the 'bot' market, these cybercrime marketplaces keep an updated list of user data obtained through malware on a user's device.

6 lakh unique Indian users data available in marketplaces

The VPN service provider, which has recently shut down servers from India due to a government order mandating VPN providers to keep tabs of data on users using the service, said they have tracked data belonging to 5 million unique users around the world. Out of them, data of Indian users topped the chart with over 6 lakh users' data found in the bot marketplaces.

The report covers databases that are not just data dumps of old data, but actively updating databases. Data dumps are more common, originating from data breaches from apps and companies, but are considered irrelevant and don't command a high price as there will be chances that users will be updating their passwords after news about the breach becomes public. However, the latter where the database is being actively updated are more relevant for future breaches and command a higher price.

Logins from Google, Microsoft, Facebook Accounts

According to the report by NordVPN, the marketplaces have data stolen from login information of Google, Microsoft and Facebook accounts, along with cookies, digital footprints, and autofill databases.

Cookies, for instance, which are bits of code that include information unique to a user, allow a cyber attacker to bypass two-factor authentication. The digital footprints have information like network and device data, and can be leveraged for identity thefts. Autofill information, as the name suggests, can be anything from residential address, phone numbers and information on family members.


"After the bot is sold, they guarantee the buyer that the victim's information will be updated as long as their device is infected by the bot," said Marijus Briedis, chief technology officer of NordVPN.

He added that the databases are of great value to cybercriminals.

Best Mobiles in India

Read More About: cybercrime data breach news

Best Phones

Get Instant News Updates
Notification Settings X
Time Settings
Clear Notification X
Do you want to clear all the notifications from your inbox?
Yes No
Settings X