Millions of stolen corporate logins are available to buy online

Millions of stolen corporate credentials are available for sale on the dark web, which is why ImmuniWeb decided to analyze both the quality
and quantity of these stolen credentials to compile its new State of Stolen Credentials in the Dark Web from Fortune 500 Companies
report.

The firm leveraged its Open Source Intelligence (OSINT) technology to crawl through generally accessible places and resources on the
Tor network, across various web forums, Pastebin, IRC channels, social networks, messenger chats and other locations known for offering,
selling or distributing stolen or leaked data.

In total, ImmuniWeb found over 21m credentials that belonged to Fortune 500 companies and, surprisingly, over 16m of these logins were
compromised during the last 12 months. Upon examining the credentials, the firm discovered that as many as 95 percent of them contained
unencrypted plaintext passwords. According to ImmuniWeb, the most popular sources of the exposed breaches were third parties, trusted
third parties (which include partners, suppliers or vendors) and the companies themselves.

The firm did not try to log in to any of the accounts it found; instead, ImmuniWeb verified their accuracy and reliability by correlating,
cross-checking and juxtaposing the data from different public sources, aided by machine learning.
Its own machine learning models were also used to find anomalies and spot fake leaks, duplicates or default passwords which were set
automatically.

When it came to the industries with the highest number of stolen credentials, technology (5m) took the top spot followed by
financials (4.9m) and healthcare (1.9m). Out of the 21m credentials ImmuniWeb discovered, only 4.9m were fully unique passwords, which
suggests that many users are using identical or similar passwords.
In the technology sector, for example, password, 1qaz2wsx, career121, abc123 and passwordI were the top five passwords. Of the industries
examined by ImmuniWeb, the retail sector had the highest percentage of weak passwords at 47 percent, followed by telecommunications at 37.57
percent and industrials at 37.36 percent.

CEO and founder of ImmuniWeb, Ilia Kolochenko, provided further insight on the report's findings,
saying: “These numbers are both frustrating and alarming.
Cybercriminals are smart and pragmatic, they focus on the shortest, cheapest and safest way to get your crown jewels.
The great wealth of stolen credentials accessible on the Dark Web is a modern-day Klondike for mushrooming threat actors who don’t even
need to invest in expensive 0day or time-consuming APTs.
With some persistence, they easily break in being unnoticed by security systems and grab what they want.
Worse, many such intrusions are technically uninvestigable due to lack of logs or control over the breached [third-party] systems.”