Why MFA Can't Combat Growing Info Stealer Malware Attacks

Accenture Threat Intel Lead Howard Marshall on Watching Dark Web to Understand TTPs
Howard Marshall, managing director and global cyber threat intelligence lead, Accenture Security

According to Accenture Security's Cyber Threat Intelligence team, information stealer malware - malicious software designed to steal victim information, including passwords - has become one of the most discussed malware types on the cybercriminal underground in 2022.

"Our reconnaissance team started noticing back in about July of this year … increased chatter amongst cybercriminals in dark web forums around the utility of info stealers," says Howard Marshall, who leads Accenture Security's global cyber threat intelligence team. While "info stealers are not necessarily new," he says, "there's something different about info stealers now."

"We have found that criminal groups are utilizing new versions of info stealers to not just aim at individual accounts, which is what they've primarily been used for in the past, but to aim them at enterprises and large organizations to not just steal usernames and passwords, but to actually steal system data, cookies and other information necessary to bypass standard security protocols, things like MFA," Marshall says.

"Enterprises need to consider the fact that the threat actor is actually in your system. So creating any password changes is not necessarily going to defeat them. They're already present in the network, in the system. So folks should be thinking about understanding that a threat hunt is likely necessary or even an incident response engagement, more likely, to expel the threat actor before taking remedial steps to ensure an enterprise is secure," he says.

In this video interview with Information Security Media Group, Marshall discusses:

  • How info-stealer malware is gaining popularity on the dark web amid the rise of MFA fatigue attacks;
  • The TTPs used by the adversaries to deploy this malware;
  • Practical steps organizations can take to mitigate the risk of MFA fatigue attacks and social engineering attempts.

Prior to joining Accenture, Marshall spent over 20 years working with the FBI before retiring as the deputy assistant director of the agency's Cyber Division. He held six other positions during his tenure, including special agent in charge of the Louisville Division.


About the Author

Anna Delaney

Director, ISMG Productions

An experienced broadcast journalist, Delaney conducts interviews with senior cybersecurity leaders around the world. Previously, she was editor-in-chief of the website for The European Information Security Summit, or TEISS. Earlier, she worked at Levant TV and Resonance FM and served as a researcher at the BBC and ITV in their documentary and factual TV departments.



