Info-stealing infections expose hackers from top cybercrime forums

Info-stealing infections expose hackers from top cybercrime forums

Over 120,000 computers infected with info-stealing malware, many of which belong to malicious actors, had credentials associated with cybercrime forums, new research conducted by cybersecurity firm Hudson Rock has found.

An analysis of the data collected from computers compromised between 2018 to 2023, revealed that the credentials used for logging into cybercrime forums were generally stronger than credentials for government websites.

Data retrieved from systems infected by info-stealers is often expansive, allowing to determine the real-world identities of hackers based on indicators such as additional credentials, email addresses, phone numbers, computer names, and IP addresses.

The researchers also discovered that the cybercrime forum with the highest amount of infected users is the infamous “Nulled.to” with over 57,000 of compromised users, followed by “Cracked.io" (19, 062) and "Hackforums.net" (13,366).

It was also found that “Breached.to” was the forum with the strongest user passwords, while the one with the weakest user passwords was the Russian site “Rf-cheats.ru”.

The vast majority of info-stealer infections were attributed to Redline, followed by Raccoon and Azorult. The top 5 countries from which hackers were infected and had at least 1 credential to a hacker forum include Tunisia (7.55%), Malaysia (6%), Belgium (5.14%), the Netherlands (4.8%), and Israel (4.43%).

Back to the list

Latest Posts

Cyber Security Week in Review: April 4, 2025

Cyber Security Week in Review: April 4, 2025

In brief: New Ivanti zero-day exploited by Chinese hackers, police shut down the Kidflix CSAM platform, and more.
4 April 2025
UAC-0219 targets Ukraine’s government agencies with WRECKSTEEL stealer

UAC-0219 targets Ukraine’s government agencies with WRECKSTEEL stealer

This activity has been ongoing since at least the fall of 2024.
3 April 2025
Police crackdown shuts down major Kidflix platform hosting child sexual abuse material

Police crackdown shuts down major Kidflix platform hosting child sexual abuse material

As a result of the operation, 79 arrests were made, 1,393 suspects identified, and over 3,000 electronic devices seized.
2 April 2025