Cybercriminals no longer just chase big targets.
They're chasing everyone, and they're doing it with infostealer malware. These small, malicious programs quietly steal passwords, browser data, and tokens from everyday devices.
A new report shows that infostealer activity jumped 500% in just one year, harvesting more than 1.7 billion fresh credentials, and that the problem is out of control.
Hackers at work (Kurt “Cyberguy” Knutsson)
The industrialization of credential theft
In 2024, Fortinet cybersecurity researchers observed a dramatic surge in stolen login data being traded on the dark web. Over 1.7 billion credentials were harvested, not from old breaches but from active infections on users' devices.
At the heart of this trend is a class of malware called infostealers. These programs are specifically designed to extract sensitive information such as usernames, passwords, browser cookies, email logins, crypto wallets, session tokens and more. Unlike large data breaches that target centralized databases, infostealers run on individual machines. They don't break into a company's servers; they compromise the end user, in many cases without the victim realizing it.
The resulting logs are aggregated and sold by initial access brokers, intermediaries who sell compromised credentials and access tokens to other cybercriminal groups, including ransomware operators. Access to anything from corporate VPNs to administrative dashboards or personal bank accounts is now available for purchase at scale, with verified functionality and region-specific pricing.
Fortinet's 2025 Global Threat Landscape Report identified a 500% increase in credential logs from infostealer infections over the past year. Among the most widespread and dangerous infostealers identified in the report are RedLine, Vidar and Raccoon.

How infostealers work
Infostealers are usually distributed through phishing emails, malicious browser extensions, fake software installers, or cracked applications. Once installed on a device, an infostealer scans local files for browser databases, autofill records, saved passwords, and other credential-related data. Many also look for digital wallets, FTP credentials and cloud service logins.
Importantly, many infostealers also exfiltrate session tokens and authentication cookies. This means that even users who rely on multifactor authentication are not completely safe. A stolen session token allows an attacker to bypass multifactor authentication completely and take control of the session without ever logging in manually.
Once collected, the data is uploaded to a command-and-control server. From there it is either used directly by the attackers or bundled into logs and sold on forums. These logs can contain everything from the victim's IP address and geolocation to their browser fingerprint and full credential list, giving attackers everything they need to carry out further exploitation or impersonation.
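The file scanning described above leaves a trace defenders can look for: a process that is not a browser reading browser credential stores. The following is an added example, not from the original article or the Fortinet report, that flags such reads in constructed file-access events; the event format, the trusted install root and the browser list are assumptions to adapt to your own telemetry.

```python
import ntpath
from collections import defaultdict

# Well-known store files in Chromium and Firefox profiles, and what they hold.
STORE_FILES = {
    "login data": "saved passwords", "logins.json": "saved passwords",
    "web data": "autofill records",
    "cookies": "session cookies", "cookies.sqlite": "session cookies",
    "local state": "store encryption key", "key4.db": "store encryption key",
}
PROFILE_MARKERS = ("\\user data\\", "\\firefox\\profiles\\")
# Assumptions: which processes may open the stores, and where they install.
BROWSERS = {"chrome.exe", "msedge.exe", "firefox.exe", "brave.exe"}
TRUSTED_ROOT = "c:\\program files"

# Constructed sample events, format "time|process image|file read".
SAMPLE_EVENTS = r"""
09:14:02|C:\Program Files\Google\Chrome\Application\chrome.exe|C:\Users\ana\AppData\Local\Google\Chrome\User Data\Default\Login Data
09:20:41|C:\Users\ana\Downloads\setup_crack.exe|C:\Users\ana\AppData\Local\Google\Chrome\User Data\Default\Login Data
09:20:41|C:\Users\ana\Downloads\setup_crack.exe|C:\Users\ana\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies
09:20:42|C:\Users\ana\Downloads\setup_crack.exe|C:\Users\ana\AppData\Roaming\Mozilla\Firefox\Profiles\x1.default\logins.json
09:21:10|C:\Users\ana\AppData\Local\Temp\chrome.exe|C:\Users\ana\AppData\Local\Microsoft\Edge\User Data\Default\Web Data
09:30:00|C:\Windows\System32\notepad.exe|C:\Users\ana\Documents\cookies
""".strip().splitlines()

def is_trusted_browser(image):
    """A browser name alone is not enough; it must run from the install root."""
    image = image.lower()
    return ntpath.basename(image) in BROWSERS and image.startswith(TRUSTED_ROOT)

def classify(path):
    """Return what kind of data a path holds, or None if it is not a store."""
    p = path.lower()
    if not any(marker in p for marker in PROFILE_MARKERS):
        return None
    return STORE_FILES.get(ntpath.basename(p))

def suspicious_reads(lines):
    """Map each untrusted process to the kinds of browser data it read."""
    hits = defaultdict(set)
    for line in lines:
        _time, image, target = line.split("|", 2)
        kind = classify(target)
        if kind and not is_trusted_browser(image):
            hits[image].add(kind)
    return {image: sorted(kinds) for image, kinds in hits.items()}

if __name__ == "__main__":
    for image, kinds in suspicious_reads(SAMPLE_EVENTS).items():
        print(image, "->", ", ".join(kinds))
```

A single process that reads both saved passwords and session cookies, or that touches more than one browser's profile, is a stronger signal than any one read on its own.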

Man working on personal laptop and work laptop (Kurt “Cyberguy” Knutsson)
5 ways to stay safe from infostealer malware
With infostealer malware becoming a growing threat, protecting your data takes a combination of smart security habits and reliable tools. Below are five effective ways to keep your information safe:
1. Use a password manager: Many infostealers target passwords saved in web browsers. Instead of relying on your browser to store your credentials, use a dedicated password manager. Our No. 1 pick has a built-in data breach scanner that lets you check whether your information has been exposed in a known breach.
2. Enable two-factor authentication (2FA): Even if your credentials are stolen, 2FA adds an additional layer of security by requiring a second form of verification, such as a code from an authentication app or biometric confirmation. Cybercriminals rely on stolen usernames and passwords to break into accounts, but with 2FA enabled they cannot gain access without the additional security step. Enable 2FA on important accounts such as email, banking, and work-related logins.
3. Use strong antivirus software and be careful with downloads and links: Infostealer malware is often spread through malicious downloads, phishing emails, and fake websites. Avoid downloading software or files from untrusted sources, and always double-check links before clicking them. Attackers disguise malware as legitimate software, game cheats, or cracked applications, so it is best to stick to official websites and app stores for downloads.
The best way to protect yourself from malicious links that install malware and may give access to your personal information is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.
4. Keep your software updated: Cybercriminals exploit outdated software to deliver malware. Keeping your operating system, browsers and security software up to date ensures that known vulnerabilities are patched. Enable automatic updates whenever possible, and install reputable antivirus or endpoint protection software that can detect and block infostealer threats before they compromise your system.
5. Consider a personal data removal service: These services can help remove your personal information from data broker sites, reducing your risk of identity theft, spam and targeted scams. While no service can guarantee the complete removal of your data from the internet, a data removal service is a smart choice. They are not cheap, and neither is your privacy.
These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It's what gives me peace of mind, and it has proven to be the most effective way to erase personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.
Kurt's key takeaways
The 1.7 billion passwords leaked in 2024 are not relics of past breaches. They are evidence of an evolving, industrialized cybercrime economy built on unsuspecting users and quietly infected devices. The tools are cheap, the scale is large, and the impact is personal. If you have ever saved a password in your browser, downloaded an unofficial app, or clicked a link in a sketchy email, your credentials may already be in circulation.
Who do you think should be primarily responsible for protecting personal data from cyber threats: individual users, businesses, software providers, or government agencies? Why? Let us know by writing to us at cyberguy.com/contact.
Copyright 2025 cyberguy.com. Unauthorized reproduction is prohibited.