Thursday, January 21, 17:34
Home security Passwords face the greatest risk of exposure

Passwords face the greatest risk of exposure

The average person uses 191 services that require a password or other credentials, according to a report by cybersecurity company Digital Shadows. All of these usernames, passwords and other credentials are becoming increasingly vulnerable as criminals increase and refine their "credential-hacking functions," the report said.


There are more than 15 billion stolen credentials on the market - a 300% increase from 2018. The source of these credentials: 100.000 breaches.

Of these 15 billion, 5 billion are unique, meaning they are not the same passwords used in different accounts. Most of these credentials belong to ordinary users. The report emphasizes, as many security experts do, that users they should never use the same password on different accounts.

"The message is simple - users must use different passwords for each account," said Rick Holland, CISO of Digital Shadows.

The businesses and people whose emails are public should also be careful.  

How valuable is a password? Although the Criminals of cyberspace offer many credentials for free, those sold cost an average of $ 15,43, the report explained.

See how criminals value your credentials:

  • Access to the organizations' basic systems sells for up to $ 140.000, with an average selling price of $ 3.139.
  • Bank and other financial accounts sell for an average of $ 70,91.
  • Account access for antivirus software costs about $ 21,67.
  • Multimedia streaming accounts, social media, file sharing, virtual private networks (VPNs) and adult content sites sell for less than $ 10.

What drives all this criminal activity? The violation of one account "It has never been easier (or cheaper) for cybercriminals," the report said.

The so-called brute force cracking tools are available on the dark web and sell for an average of $ 4. The attacks Brute Force are generally those where an attacker tries to guess passwords based on common passwords, hoping to guess correctly.

Criminals can also buy Account Takeover (ATO) "as-a-service". Essentially, the criminal rents an ID, often for less than $ 10.

The Sentry MBA is a very popular tool, as is OpenBullet.

The report cited the Verizon Data Breach Report, which reported that more than 80% of hacking-related breaches were committed using the brute-force cracking or by using lost / stolen credentials.


Please enter your comment!
Please enter your name here

Teo Ehc
Teo Ehc
Be the limited edition.



Bill Gates: Will he work with Biden on COVID-19 / climate change?

Microsoft co-founder Bill Gates said on Twitter that he is looking forward to working with the new US President, Joe Biden, and ...

What are the rumors circulating about the iPhone 13?

Apple iPhone 13 will have a redesigned Face ID system that will have a smaller notch at the top of the screen, ...

Biden: How was the political transition in the US captured on social media?

As Joe Biden was sworn in as President of the United States, this important political transition was captured on popular social media. On January 20, ...

CentOS ceases to be supported but RHEL is offered for free

Last month, Red Hat caused a great deal of concern in the Linux world when it announced the discontinuation of CentOS Linux.

Microsoft Office 365 employee passwords leaked online!

A new large-scale phishing campaign targeting global organizations has been found to bypass Microsoft Office 365 Advanced Threat Protection (ATP) and ...

COSMOTE and Microsoft provide new cloud solutions for businesses

COSMOTE and Microsoft expand their cooperation, offering even more advanced and high quality cloud solutions, in large and small ...

Cyber ​​attacks in Eastern Europe are on the rise!

The cyber-attacks that have taken place in many US government agencies and companies in recent months have caused concern in the developing countries of ...

Tesla reduces the prices of the Model 3 in Europe

Tesla has reduced the prices of the Model 3 in many European markets, which reductions could be partly linked ...

iOS, Android, XBox users in the crosshairs of a new malvertising campaign

Recently a new malvertising campaign was discovered that targets users of mobile and other connected devices and uses effective ...

Microsoft: "Zero trust" protects against sophisticated hacking attacks

According to Microsoft, the techniques used by the hackers of SolarWinds, were sophisticated but common and preventable. To avoid future attacks ...