March 4, 2025 – Kaspersky’s latest findings reveal that stealer malware has compromised and leaked the details of approximately 2.3 million bank cards on the dark web. The report, based on an analysis of data-stealing malware log files from 2023-2024, underscores the growing threat of infostealers in the cybercrime ecosystem. Kaspersky released its insights while the global technology community gathers at Mobile World Congress (MWC) 2025 in Barcelona.
Infostealer Malware: A Growing Cyber Threat
According to Kaspersky Digital Footprint Intelligence, nearly 26 million devices have been compromised by infostealers over the past two years, including more than 9 million in 2024 alone. Infostealer malware not only extracts financial details but also credentials, cookies, and other sensitive user data, which are then distributed within underground cybercriminal networks.
Kaspersky’s analysis suggests that while leaked cards represent less than one percent of the global banking population, 95% of the exposed card details appear technically valid, posing serious financial risks to affected individuals and institutions.
How Infostealers Operate
Cybercriminals spread infostealers through various means, including:
- Phishing links and compromised websites
- Malicious attachments in emails and messaging apps
- Fake software downloads, such as game cheats and cracked applications
Once infected, a victim’s device unknowingly transmits financial and personal information to cybercriminals, who then compile the stolen data into log files and sell them on the dark web.
Data Stealer Landscape: Key Malware Variants
Kaspersky has identified several leading infostealer variants in 2024:
- Redline remains the most widespread, accounting for 34% of infections.
- RisePro saw a dramatic rise in activity, increasing from 1.4% in 2023 to nearly 23% in 2024. This malware targets bank card details, passwords, and cryptocurrency wallets.
- Stealc, another emerging threat, expanded its share from nearly 3% in 2023 to 13% in 2024, demonstrating its growing reach in the cyber threat landscape.
Protecting Against Infostealer Threats
Kaspersky advises individuals and organizations to take immediate action if they suspect a data breach:
- For individuals:
- Monitor bank account activity and reissue compromised cards.
- Change passwords for banking apps and enable two-factor authentication.
- Be wary of phishing attempts via email, SMS, and calls.
- Set spending limits on bank accounts for added security.
- For businesses:
- Proactively monitor dark web marketplaces for compromised account data.
- Conduct regular cybersecurity audits and penetration testing.
- Leverage Kaspersky Digital Footprint Intelligence to track cybercriminal activity and mitigate risks proactively.
Kaspersky’s Cybersecurity Solutions
Kaspersky’s Digital Footprint Intelligence service provides organizations with real-time insights into cybercriminal marketplaces and forums, enabling early detection of compromised assets. The company’s security services include incident response, managed detection, SOC consulting, and penetration testing, helping enterprises fortify their defenses against evolving cyber threats.
As cybercrime tactics continue to advance, Kaspersky’s latest research underscores the urgent need for individuals and organizations to remain vigilant and adopt proactive cybersecurity measures to protect financial and personal data from malicious actors.
