Infostealer Malware Infects 26 Million Devices, Steals Bank Card Data and Passwords

A devastating Infostealer malware campaign has compromised 26 million devices, stealing bank card details and passwords. Kaspersky's report highlights the scale of the threat.
Infostealer Malware Infects 26 Million Devices, Steals Bank Card Data and Passwords
Table of Contents
    Add a header to begin generating the table of contents

    A recent report from Kaspersky reveals a massive malware campaign targeting millions of devices worldwide. The Infostealer malware, as its name suggests, is designed to steal sensitive information, including bank card details, passwords, and other credentials. Kaspersky estimates that a staggering 26 million devices have been compromised.

    The report highlights that 9 million devices were infected in 2024 alone, bringing the total number of compromised devices to 26 million since 2023. While only 1% of globally issued bank cards were leaked on the dark web during this period, a significant 95% of those leaked card numbers were deemed “technically valid” by Kaspersky. This indicates a substantial potential for financial fraud.

    The malware’s capabilities extend beyond simply stealing bank card numbers. It also targets user credentials, including passwords, and cookies, which are then distributed on the dark web. The insidious nature of this malware lies in its ability to disguise itself as legitimate software. Kaspersky cites game cheats as one example of how this malware is often distributed. Victims unknowingly download and run malicious files, leading to infection.

    The malware spreads through various methods, including phishing links, malicious email attachments, and infected websites. Kaspersky’s report identifies Redline as the most prevalent Infostealer in 2024, accounting for 34% of infections. Risepro and Stealc are also noted as rapidly growing threats.

    Kaspersky offers several recommendations for victims of this malware:

    • Monitor bank accounts and notifications closely.
    • Request a new bank card.
    • Change passwords for banking apps and websites.
    • Enable two-factor authentication (2FA).
    • Set spending limits on bank accounts (if available).
    • Be vigilant against phishing attacks, suspicious texts, and phone calls.
    • Run regular security scans on your devices and remove any detected malware.

    This widespread attack underscores the importance of robust cybersecurity practices. Regular software updates, cautious downloads, and strong password management are crucial in mitigating the risk of infection from Infostealer malware and other similar threats.

    For more on protecting your business from malware, see our article on Top Cyber Threats Facing Enterprise Businesses in 2025. Understanding the Threat Actors behind these attacks is also crucial.

    Related Posts