CYBERSECURITY | Over 2 million bank cards keaked by malware

Cybersecurity experts at Kaspersky have uncovered a massive wave of data breaches caused by infostealer malware, with an estimated 2.3 million bank cards leaked on the dark web between 2023 and 2024. The findings, published during the Mobile World Congress (MWC) 2025 in Barcelona, highlight the alarming rise of cybercriminal activity targeting personal and corporate financial data.

According to Kaspersky Digital Footprint Intelligence, nearly 26 million devices running Windows were compromised by infostealers in the past two years, with 9 million infections recorded in 2024 alone. The report estimates that between 20 million and 25 million devices could be infected by the end of 2024.

Alarming growth

Infostealer malware is designed to extract sensitive data, including financial details, login credentials, cookies, and cryptocurrency wallet information. Cybercriminals then compile the stolen data into log files, which are sold or shared within underground dark web communities.

“Infostealers pose a severe threat because they can quietly collect and distribute stolen data long after an initial infection,” said Sergey Shcherbel, an expert at Kaspersky Digital Footprint Intelligence. “Cybercriminals often leak stolen data months or even years later, meaning the true scale of infections continues to grow over time.”

Infostealer malware: Leading the surge

Among the most dangerous infostealers in 2024, Redline remains the most widespread, responsible for 34% of all infections. However, the most notable growth has been observed in RisePro, which surged from 1.4% in 2023 to nearly 23% in 2024.

“RisePro is an emerging and dangerous threat,” Shcherbel warned. “It primarily targets banking card details, passwords, and cryptocurrency wallets, often disguised as key generators, cracked software, or game mods.”

Another rapidly growing infostealer is Stealc, which first appeared in 2023. Its share of infections increased from 3% to 13% over the past year, making it another critical threat to individuals and businesses alike.

How Infostealer malware spreads

Infostealers infect devices through various deceptive methods, including phishing emails and fake attachments, malicious links on compromised websites, trojanized software downloads such as game cheats and cracked applications, and social engineering attacks via messaging platforms.

How to protect yourself

With infostealer malware continuing to spread, experts advise taking immediate action if you suspect your data has been compromised. Monitoring your bank account for suspicious transactions and considering reissuing compromised cards is crucial. Enabling two-factor authentication on banking and email accounts adds an extra layer of protection. Changing passwords immediately for any potentially compromised accounts is highly recommended. Running a full malware scan on all personal and corporate devices helps detect and remove infections. Avoiding downloading pirated software and being cautious with unknown email attachments can prevent initial infections.

Businesses must stay vigilant

Kaspersky advises companies to proactively monitor the dark web for compromised credentials and implement strong cybersecurity measures.

“Organizations should leverage intelligence tools like Kaspersky Digital Footprint Intelligence to track cybercriminal activity related to their assets,” said Shcherbel. “Detecting compromised accounts early can help prevent larger security incidents.”

As cyber threats continue to evolve, the rise of infostealer malware presents a major risk to individuals and businesses worldwide. By staying informed and implementing robust cybersecurity practices, users can reduce their chances of falling victim to data breaches. For more details on Kaspersky’s findings, visit their official report on infostealer malware trends.