• Skip to primary navigation
  • Skip to main content
Logo S2 Grupo Soluciones Ciberseguridad

Spanish Company Specialized in Cybersecurity

  • Company
    • About Us
    • Governing Bodies
    • CSR
    • Awards and Acknowledgments
  • Specialization
    • OT Industry
    • IT
    • OT Health
  • Solutions
  • R&D+I
  • Talent
  • News & Publications
  • Contact
  • facebook
  • twitter
  • instagram
  • linkedin
|
en arrow down
  • es
© 2023 S2 Grupo
Current events

More than 65 million digital credentials have been ‘leaked’ in 2023

31 May 2023

  • This data is extracted from the research work being carried out by the Digital Surveillance department of the cybersecurity company S2 Grupo on the theft of credentials on the network.

  • One of the main ways in which data is obtained is through infostealers, a type of malware that steals data from technological devices.

  • The information is sold on different forums and platforms such as Telegram, which offer packages with passwords and access data to confidential company information, private VPNs or RDP, among many others, for amounts ranging from $100 to $400 per month.

Valencia 20 May 2023.- The Valencian company S2 Grupo, specialized in cybersecurity and critical systems management, is carrying out a research work in 2023 on the theft of digital credentials in Spain. One of the main conclusions drawn by his team is that only in the first four months of the year 65,267,777 have been leaked, in order to trade with them.

"The objective of the theft of access data and all kinds of private information is always the same: money or information that is worth a lot of money. Until now, the sale was made on platforms such as RaidForums, but this was closed and the sale of credentials through forums has been eclipsed with the proliferation of Telegram groups", explained José Rosell, managing partner of S2 Grupo.

"However, the information packages sold on the forums are more complete than what can be found on Telegram. These usually include RDP (Remote Desktop Protocol) accesses, private VPNs (Virtual Private Network) and even confidential information about companies", said Miguel A. Juan, managing partner of S2 Grupo.

From the research conducted by the Digital Surveillance department of this cybersecurity company, it is also observed how Telegram groups usually distribute several combolists (list of usernames and passwords used in automated login attempts) for free to gain subscribers.

"These combolists are often old or quite trite and many of the credentials provided no longer work. For this reason, many groups sell temporary subscriptions to "clouds" or private groups where they upload fresh and verified information," highlighted José Rosell.

As far as the price of selling credentials is concerned, they seem to have remained stable since 2022 and tend to have similar prices across platforms ranging from $100 to $400 per month.

How is the data obtained? From S2 Grupo it has been detailed that this information is collected by "infostealers", a type of malware that acts as a Trojan horse in systems by stealing information. In this way, they collect credentials and other information from the victims' technological devices. This information is then sold to more sophisticated groups such as "Ransomware" or "APT" (Advanced Persistent Threats) groups to facilitate their access.

  • fb
  • tw
  • in
Related Articles
Show all →
Current events
Six cybersecurity tips to avoid online shopping scams this holiday season
Read more →
Current events
Ten tips to protect our digital identity
Read more →
Corporate
Fallas will raise awareness of the cyber dangers of network-connected toys
Read more →

Follow us in our newsletter

Subscribe through your email to stay up to date

Logo S2 Grupo Soluciones Ciberseguridad
© 2023 S2 Grupo
  • Press Center
  • Legal Disclaimer
  • Privacy Policy
  • Cookie policy
S2 Grupo utiliza cookies propias y de terceros para permitir tu navegación, fines analíticos y para mostrarte publicidad personalizada en base a un perfil elaborado a partir de tus hábitos de navegación (por ejemplo, páginas visitadas). Clica aquí para acceder a nuestra Política de Cookies. Puedes aceptar todas las cookies pulsando el botón “ACEPTAR” o configurar o rechazar su uso pulsando el Botón “CONFIGURAR”
ConfigurarAceptar cookies
Manage consent

Resumen de Privacidad

Este sitio web utiliza cookies para mejorar su experiencia mientras navega por el sitio web. De estas, las cookies que se clasifican como necesarias se almacenan en su navegador, ya que son esenciales para el funcionamiento de las funcionalidades básicas del sitio web. También utilizamos cookies de terceros que nos ayudan a analizar y comprender cómo utiliza este sitio web. Estas cookies se almacenarán en su navegador solo con su consentimiento. También tiene la opción de optar por no recibir estas cookies. Pero la exclusión voluntaria de algunas de estas cookies puede afectar su experiencia de navegación.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
CookieDurationDescription
pll_language1 yearThe pll _language cookie is used by Polylang to remember the language selected by the user when returning to the website, and also to get the language information when not available in another way.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Necessary
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
_GRECAPTCHA6 monthsThis cookie is set by the Google recaptcha service to identify bots to protect the website against malicious spam attacks.
cookielawinfo-checkbox-analytics1 yearSet by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Analytics" category .
cookielawinfo-checkbox-functional1 yearThe cookie is set by the GDPR Cookie Consent plugin to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necesaria1 yearSet by the GDPR Cookie Consent plugin to store the user consent for cookies in the category "Necessary".
CookieLawInfoConsent1 yearRecords the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
SAVE & ACCEPT
Powered by CookieYes Logo