Cyber Attacks on Russia - Kaspersky Review
Hackers stole 2.5 million users and passwords to access Russian resources
Hacker 
Kaspersky Lab experts estimate that over the past five years, attackers have used thieves to obtain logins and passwords for 443,000 websites. As for the data of Runet sites, 2.5 million pairs of logins and passwords were stolen in the [.]Ru segment.
After studying the theft logs published on the darknet, experts have come to the conclusion that in 2023, about 10 million device user data will be affected by thieves. This is about seven times more than in 2020.
On average, attackers steal 50.9 combinations of logins and passwords from a single infected device. The stolen data can be used for further attacks, or it can be sold and distributed on shady resources or Telegram channels.
In 2023, the most logins and passwords were stolen from sites
- .com domain zone - almost 326 million.
- .br Brazilian domain with 29 million accounts
- .in domain. Indian 8 million
- .co Colombian with almost 6 million
- .vn Vietnamese with more than 5.5 million.
"Compared to 2022, the number of stealer log files found on the darknet has decreased by 9%, but this does not mean that the demand for logins and passwords has decreased among attackers.
We do not rule out that some certificates compromised in 2023 will be in the shadow segment of the Internet already in 2024. Therefore, the real number of infections is very likely to be more than 10 million, according to our estimates, it may reach 16 million," - says Sergey Shcherbel, a cybersecurity expert at Kaspersky Lab.
