Infostealer malware increased in popularity in 2024, with thieves utilizing it to take qualifications, money, and other personal information from millions of users. If you recall, I reported countless , preying on Android, Windows and perhaps iOS and Mac users.
A new security review today highlights that hackers using Lumma, along with StealC, Redline and other infostealers, infected 4.3 million machines in 2024, leading to an astonishing 330 million damaged credentials.  ,
Additionally, security scientists discovered that there are 3.9 billion credentials in token lists that look to be derived from infostealer logs.
Infostealer-related problems on the rise in 2024
A , a security review from the threat intelligence service KELA has found a significant increase in infostealer malware in 2024. Additionally, scientists found an alarming increase in the distribution of stolen information. Large collections of credentials, often referred to as” login addresses”, were being shared across cybercrime communities. billions of login details were gathered from afflicted devices, mostly from infostealer logs, in these lists.
The breach of Snowflake, a provider of cloud data storage, was one of the most significant incidents involving infostealer malware. In April 2024, risk actors gained access to customer accounts using stolen login credentials, many of which were obtained through infostealers. Assailants used weak security measures, including the lack of multifactor authentication, to extract important data before selling it on the black market. The breach affected at least 165 businesses.
The KELA report shows that , StealC, Redline and another infostealers infected 4.3 million systems, leading to the settlement of 330 million qualifications. Nearly 40 % of these sick machines contained credentials for business systems, including content management systems, email addresses, Active Directory Federation Services and distant desktop settings. In total, this accounted for 1.7 million damaged algorithms and 7.5 million stolen credentials.
Additionally, according to the report, 3.9 billion qualifications were shared in token lists that appear to be derived from infostealer files. According to KELA’s analysis, almost 65 % of infected devices were personal computers that held corporate credentials, making them prime targets for infostealer malware.
 ,
2025 is not going to get any distinct
In 2025, infostealer trojan won’t be eradicated. Scammers will probably continue to use malware-as-a-service systems as a method of stealing qualifications and gaining access to systems as they become more sophisticated as malware-as-a-service platforms.
has been cracking down, nevertheless. In 2024, government managed to take down important parts of the infostealer habitat, including disrupting Redline, one of the most commonly used infostealers. This demonstrated that international organizations can pursue both the sites and underground marketplaces that keep these operations running as well as the ransomware developers.
However, knockdowns like these often put an end to the issue. People quickly resurrect one significant infostealer procedure when it is shut down. Infostealer problems will likely continue to pose a significant threat in 2025 due to the constant need for stolen credentials and fraudsters ‘ adaptability.
How to protect yourself from infostealer trojan
Protecting your data requires a combination of prudent safety practices and trustworthy tools, with infostealer trojan becoming a growing danger. What are some simple steps you can take to protect your knowledge?
1. Enable two-factor authentication ( ):  , Even if your credentials are stolen,  , adds an extra layer of security by requiring a second form of verification, such as a code from an authentication app or biometric confirmation. Hackers rely on stolen usernames and passwords to break into accounts, but with enabled, they can’t get accounts without taking the extra safety action. Make sure to allow on critical accounts like message, banking and work-related logins.
2. Use effective antiviral software, and be cautious about downloading and linking: Infostealer malware frequently spreads through phishing emails, fake websites, and harmful downloads. Avoid downloading files or software from untrusted resources, and often double-check links before clicking them. Attackers mask malware as genuine technology, game cheats or cracked applications, so it is best to stick to established websites and app stores for downloads.
Strong antivirus software is required to protect yourself from malicious links that could access your private information and install malware on all of your devices. Your personal information and digital assets can be protected by this protection, as well as preventing ransomware and phishing emails. .
3. Use a password manager: Many infostealers target saved passwords in web browsers. Instead of relying on your browser to store credentials, use a dedicated password manager. Get more details about my , .
4. Keep software updated:  , Cybercriminals exploit outdated software to deliver malware. Keep your operating system, browsers, and security software up-to-date makes sure known vulnerabilities are patched, according to  . Install trustworthy antivirus or endpoint protection software that can identify and stop information leaker threats before they compromise your system. Always enable automatic updates.
Kurt’s key takeaway
Infostealer malware warnings are frequently issued, so it’s obvious that cybercriminals are actively looking into passwords. Organizations and individuals are urged to improve security measures by enabling 2FA, monitoring credential exposure, and using endpoint protection tools. No security precaution is entirely foolproof, but combining these techniques can significantly lower the chance of getting infected by infostealer malware.
Do you believe that businesses are doing enough to protect your data from infostealer malware and other cyber threats? Let us know by writing us at ,
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to ,
Follow Kurt on his social channels:
Answers to the most asked CyberGuy questions:
New from Kurt:
Copyright 2025 CyberGuy.com.  , All rights reserved.