Nation plagued by bots
Thailand No.7 in threat level from data sold by malware
The data of 137,000 Thais was sold on bot markets, making the country No.7 in terms of threat level in the world, according to cybersecurity firm NordVPN.
The firm said the information was obtained from independent third-party researchers specialising in cybersecurity incident research on Sept 29, 2022.
NordVPN said the term bot refers to data-harvesting malware.
Bot markets are online marketplaces hackers use to sell data they have stolen from their victims' devices with bot malware. The data is sold in packets, which include log-ins, cookies, digital fingerprints and other information.
Researchers analysed three major bot markets, namely the Genesis Market, the Russian Market and 2Easy. All of the markets were active and accessible on the surface web at the time of analysis.
According to NordVPN, the researchers found the data of at least 5 million people globally was sold on bot markets for 212 baht on average.
"What makes bot markets different from other dark web markets is people are able to get large amounts of data about one person in one place," said Marijus Briedis, chief technology officer of NordVPN. "After the bot is sold, they guarantee the buyer the victim's information will be updated as long as the device is infected by the bot."
The most popular types of malware that steal data are RedLine, Vidar, Racoon, Taurus and AZORult.
The Russian Market had more than 3.8 million data logs from 225 countries sold on the platform, with Indonesia and Brazil the most affected nations.
NordVPN said 2Easy offered 600,000 stolen data logs from 195 countries with India, Brazil and the US the most affected countries. Genesis offered some 400,000 stolen logs, the firm said, with Italy, Spain and France the most affected countries.
The firm said the bot markets had 26.6 million stolen log-ins, 667 million stolen cookies, 81,000 stolen digital fingerprints and 538,000 autofill forms.
"A simple password is no longer worth money to criminals when they can buy log-ins, cookies and digital fingerprints in one click for just six bucks," said Mr Briedis.