A giant chunk of sensitive data with a massive 1.2TB database containing passwords, cookies, autofill, and payment information, has been discovered by security researchers. The data is reportedly extracted by a Trojan-type malware that’s yet to be identified.
In total, there are over 26 million login credentials, 2 billion browser cookies, 1.1 million email addresses, and 6.6 million files. Around 650,000 Microsoft Word and PDF files and more than 1 million images were also included.
After infecting the computers, the malware also took a photo using the victims’ webcam. Most of the data stolen were from email, messaging, gaming, and file-sharing services. The extraction from the 3 million computers was allegedly made between 2018 to 2020.
According to the report, the attackers likely want to steal cryptocurrencies and other financial-related information.
Included in the account credentials collected by the malware include those from Facebook, Gmail, Twitter, and Amazon. 22% of the browser cookies were still valid during the time of discovery, which means they can be used to maliciously access a person’s online accounts.
If you want to check if you’re affected by any hacks, you can check out the Have I Been Pwned website.