Millions of Bank Cards Leaked on Dark Web as Infostealer Malware Infections Surge

Over 2 million bank cards were leaked on the dark web between 2023 and 2024, as cybercriminals increasingly rely on infostealer malware to harvest sensitive financial information. Data from recent analyses of leaked malware logs highlights the growing risk posed by these malicious programs, which target both personal and corporate devices globally.

According to data collected through digital footprint monitoring and analysis of malware logs from 2023 to 2024, an estimated 2.3 million bank cards were compromised and exposed for sale or trade on underground dark web marketplaces. This discovery paints a concerning picture of just how pervasive infostealer infections have become, with nearly 26 million devices infected over the past two years, including over 9 million infections in 2024 alone.

The number of infections with data-stealing malware, 2020-2024. Source: Kaspersky Digital Footprint Intelligence

Infostealer Malware: A Growing Threat to Personal and Corporate Security

Infostealer malware is designed to discreetly infiltrate devices, stealing not only financial information but also login credentials, cookies, browsing histories, and other sensitive data. The stolen data is then compiled into log files and circulated within cybercriminal forums, where it can be monetized or used for further attacks.

These malware infections typically begin when a victim unknowingly downloads and runs malicious files disguised as game cheats, cracked software, or legitimate applications. Other common infection vectors include phishing links, compromised websites, and malicious attachments delivered via email or instant messaging platforms.

Once installed, the malware silently operates in the background, harvesting any saved passwords, card details, and cookies stored on the device. This data is especially valuable to cybercriminals, who can use it directly for fraud or package it into bulk data dumps for sale on the dark web.

26 Million Devices Compromised in Two Years

Between 2023 and 2024, nearly 26 million Windows devices were infected with infostealers, according to the findings. On average, every 14th infection results in stolen credit card information, highlighting the severe financial risk these infections pose to individuals and businesses alike.

Cybersecurity experts believe the actual number of compromised devices may be even higher, as much of the stolen data is leaked months or even years after the initial infection. Some credentials and sensitive details continue to resurface in dark web markets long after the original breach, extending the potential risk window for affected individuals.

Surge in New Malware Strains: Redline, Risepro, and Stealc

Among the various infostealers detected in 2024, Redline remained the most prevalent, responsible for 34% of all infections.

A particularly notable trend was the rise of Risepro, which saw its share of infections spike from just 1.4% in 2023 to nearly 23% in 2024. Risepro is known for targeting banking card information, passwords, and cryptocurrency wallet credentials, often disguising itself as key generators, software cracks, or game mods.

Another emerging threat is Stealc, first discovered in 2023. Stealc’s share of total infections grew from under 3% to 13% in 2024, underlining the fast-evolving nature of the infostealer landscape.

How Individuals and Businesses Can Protect Themselves

With millions of devices compromised and sensitive information regularly surfacing on the dark web, cybersecurity experts recommend several immediate actions for individuals who suspect their data may be at risk:

  • Monitor bank notifications and reissue compromised cards.
  • Change all passwords associated with affected accounts, including banking, email, and social media.
  • Enable two-factor authentication wherever possible.
  • Set transaction limits on cards for added protection.
  • Remain vigilant against phishing attempts via SMS, email, or phone calls, especially if account details were part of a breach.
  • Run full security scans on all devices and remove any detected malware.

Corporate Recommendations

Businesses are also strongly encouraged to proactively monitor dark web marketplaces to detect compromised corporate accounts or sensitive information before it can be exploited. Establishing dedicated digital risk monitoring can provide early warnings and help organizations patch vulnerabilities before they escalate into full-blown breaches.

Long-Term Cybersecurity Measures

Given the rise of new infostealer strains and their increasingly sophisticated methods of evading detection, organizations and individuals must prioritize:

  • Regular security awareness training to educate employees about phishing tactics and malware risks.
  • Strict software download policies to minimize exposure to malicious downloads.
  • Deployment of endpoint security solutions capable of detecting and blocking infostealer malware.
  • Continuous monitoring of organizational digital footprints to detect potential threats before they escalate.

Cybercriminal groups continue to evolve their tactics, exploiting both personal vulnerabilities and organizational blind spots to infiltrate devices and extract valuable data. Understanding the latest trends in the infostealer threat landscape is crucial for building resilience against this growing digital menace.


The Analyst

The Analyst delivers in-depth, data-driven insights on technology, industry trends, and digital innovation, breaking down complex topics for a clearer understanding.
