Over 40,000 credentials for government portals found online

[silversurfer]

Malware operators have collected login credentials for government portals in Italy, Saudi Arabia, Portugal, Bulgaria, Romania, more.

A Russian cyber-security firm says it discovered login credentials for more than 40,000 accounts on government portals in more than 30 countries. The data includes usernames and cleartext passwords, and the company believes they might be up for sale on underground hacker forums.

Alexandr Kalinin, head of Group-IB's Computer Emergency Response Team (CERT-GIB), says these account details have been collected over time by cyber-criminals with the help of off-the-shelve malware strains such as the Pony and AZORult infostealers, but also the Qbot (Qakbot) multi-purpose trojan.

The crooks who deployed these malware strains collected vasts amounts of data from a large number of infected users. He believes that the people behind these operations might filter and group the government accounts into separate packages to advertise and sell online.

Source: https://www.zdnet.com/article/over-40000...nd-online/