Cybersecurity researchers at iZOOlogic identified a new threat group named Nusa Cloud, which poses a significant danger to online security by distributing hacked user credentials for free. This group operates anonymously on Telegram, sharing compromised credentials in massive TXT files, ranging from 700MB to 3GB. These files often contain sensitive information such as passwords, configuration details, and system logs, making them highly attractive targets for hackers. The simplicity of TXT files as plaintext data storage further exacerbates the risk, as they can also disguise malicious code or instructions.
Nusa Cloud’s activities extend across different regions and sectors, with credentials grouped into nation-specific files. This large-scale operation underscores the group’s threat level, affecting individuals, companies, and organizations alike. Researchers have recovered over 1,051 lists of combo files from Nusa Cloud, amounting to approximately 2 billion compromised credentials. Unlike traditional cybercriminals who monetize stolen data, Nusa Cloud’s strategy of freely sharing this data raises questions about their motives, potentially seeking greater visibility and interaction within the cybercrime community.
On April 25, 2024, the Nusa Cloud channel was shut down, marking a significant development in addressing this threat. However, the persistent nature of such cyber threats necessitates ongoing vigilance and cooperation among cybersecurity professionals. Utilizing innovative technologies and fostering collaboration are crucial in unraveling the complexities of these cyber threats and enhancing resilience against emerging digital offenses. To effectively combat these challenges, continuous alertness and proactive security measures are essential.
