ISTANBUL
More than 31,000 stolen Australian banking passwords are being traded online by cybercriminals, local media reported Tuesday.
A probe conducted by cyber intelligence researchers revealed that login credentials for Australia’s four major banks are being circulated on the messaging app Telegram and the dark web, posing a significant risk of fraud, according to the Australian Broadcasting Corporation (ABC).
The credentials were stolen from personal devices through "infostealer" malware, according to Australian cybersecurity firm Dvuln, which made the discovery.
Some of the compromised devices were infected as early as 2021 and remain vulnerable to attacks, said Dvuln founder Jamie O'Reilly.
Globally, over 31 million devices have been infected by infostealer malware, with more than 58,000 devices affected in Australia alone when counting all types of infected devices, according to cybersecurity company Hudson Rock.
Earlier this month, it was also reported that Australian superannuation funds had been targeted by cyberattacks, during which stolen passwords of 600 members were used in attempts to access accounts and commit fraud.