Nearly 4 billion passwords exposed by malware

In 2024, infostealer malware attacks increased significantly, with hackers using this malicious software to steal credentials, cryptocurrency, and other personal data from millions of users. Lumma, a notorious infostealer, targeted Android, Windows, iOS, and Mac users, leading to numerous data breaches. Together with other infostealers such as StealC and Redline, it infected a staggering 4.3 million machines and compromised 330 million credentials.
A recent cybersecurity report by KELA shed light on the growing threat of infostealer malware and the alarming trend of stolen data circulating among criminals. Cybercriminals were sharing large compilations of stolen credentials, known as “credential lists,” on underground forums. These lists, sourced from infostealer logs, contained billions of login details harvested from compromised devices.
One of the most notable incidents linked to infostealer malware was the breach of Snowflake, a cloud data storage provider. Threat actors gained unauthorized access to customer accounts using stolen credentials, many of which were obtained through infostealers. Exploiting weak security practices, such as the absence of multifactor authentication, attackers extracted valuable data and attempted to sell it on the dark web. The breach impacted at least 165 companies, highlighting the severity of infostealer-related attacks.
The KELA report revealed that infostealer malware, including Lumma, StealC, and Redline, infected 4.3 million machines in 2024, resulting in the compromise of 330 million credentials. Nearly 40% of the infected devices contained credentials for corporate systems, posing a significant risk to organizations. Additionally, 3.9 billion credentials were shared in credential lists sourced from infostealer logs, indicating the widespread impact of these attacks.
As we move into 2025, the threat of infostealer malware shows no signs of slowing down. Malware-as-a-service platforms are on the rise, and cybercriminals are increasingly using advanced infostealers to steal credentials and gain unauthorized access to systems. While law enforcement efforts have targeted key players in the infostealer ecosystem, takedowns are often only temporary solutions, as new threats emerge to take their place.
To protect against infostealer malware, individuals and organizations are advised to implement strong security measures. Enabling two-factor authentication, using reputable antivirus software, employing password managers, and keeping software up to date are essential steps in safeguarding sensitive data. While no security measure is foolproof, a combination of these practices can significantly reduce the risk of falling victim to infostealer attacks.
In conclusion, the rise of infostealer malware in 2024 underscores the ongoing threat posed by cybercriminals seeking to steal credentials and personal data. By staying informed, implementing best security practices, and remaining vigilant, individuals and organizations can mitigate the risks associated with infostealer attacks in 2025 and beyond.



