Report – The Stealer Malware Ecosystem: A Detailed Analysis of How Infected Devices Are Sold and Exploited on the Dark and Clear Web

Infected devices (including botnets and stealer logs) pose a great threat to both personal and corporate devices. Cybercriminals can purchase infected devices on the Genesis and Russian Markets to pursue account takeovers, make fraudulent purchases, or gain access to bank accounts.

Botnets are computers that malware has infected to steal the information stored in web browsers and the browser’s fingerprint. Malicious actors can essentially impersonate their victim, which makes it difficult to identify fraudulent logins. Stealer logs are the product of infostealer malware stealing information from a victim’s browser. They do not provide as much information as botnets but are still very dangerous.

The two markets specialize in selling different products, botnets on Genesis Market and stealer logs on Russian Market, but their intentions are similar.

We became curious about the global scale of the infected device industry and researched these questions:

  • Are some countries more targeted than others? 
  • What influences the price of a botnet on the global market? 
  • What kind of malware is used to collect victims' information?
  • Do attack patterns vary among distributors?


Research Team

Flare’s research team conducts investigations and experiments in order to gather data, create new knowledge, and develop new ideas. This helps our team stay ahead of emerging threats and also add insight to our product roadmap.
