According to a recent report by Accenture, the successful combination of stolen credentials and social engineering tactics to breach networks is increasing the demand for information stealers on the Dark Web. Specifically, Accenture notes a marked increase in the number of Dark Web advertisements for new information stealer malware variants. The report also discusses how the success of MFA fatigue attacks has contributed to this increased demand.
Accenture’s Cyber Threat Intelligence team expects the information stealer landscape to continue to evolve and pose a significant risk to organizations in 2023. To reduce the risk posed by information stealers, organizations should consider number-matching MFA systems and the use of biometrics as opposed to the more vulnerable MFA push notifications. Most importantly, members are encouraged to train staff on the dangers of MFA fatigue attacks, social engineering attempts, and how to secure online accounts. Check out more at DarkReading and Accenture.