Amidst the bustling atmosphere of the Mobile World Congress 2025 in Barcelona, Kaspersky Digital Footprint Intelligence has released a shocking report estimating that approximately 2.3 million bank cards have been leaked on the dark web.
This startling figure comes from an analysis of data-stealing malware log files spanning 2023 to 2024, underlining an urgent need for individuals and businesses alike to bolster their cybersecurity measures.
The research indicates that on average, every 14th infection from infostealer malware results in the theft of credit card information. With almost 26 million devices compromised during this period—including a staggering 9 million in just 2024—cybercriminals have demonstrated an alarming escalation in their operational capabilities.
According to Kaspersky's analysis, while the global share of leaked credit cards remains below one percent, an impressive 95% of the leaked card data is reported to be technically valid.
Infostealer malware is engineered not only to harvest financial specifics but also to capture valuable user data such as credentials and cookies. The compromised data is aggregated into log files and subsequently circulated within a clandestine community on the dark web.
“The actual number of infected devices is likely higher,” stated Sergey Shcherbel, a leading expert at Kaspersky Digital Footprint Intelligence.
“Cybercriminals often release stolen data in log files months or even years following the initial breach, effectively prolonging the life cycle of compromised credentials.”
Forecasts suggest that in 2024 alone, an estimated 20 to 25 million devices may be infected with infostealer malware, while 2023 estimates range between 18 and 22 million.
The escalation of infostealer threats has been underlined by the prevalence of specific malware variants. Redline continues to dominate, accounting for 34% of recorded infections in 2024, but the most notable rise has been from Risepro, whose figures surged from 1.4% in 2023 to nearly 23% in 2024.
Risepro primarily targets sensitive banking details, passwords, and cryptocurrency wallet information, masquerading as game cheats and software patches. Meanwhile, another emerging threat, Stealc, has also seen significant growth, leaping from 3% to 13% of infections.
In light of this ominous trend, Kaspersky has taken proactive steps to combat the threats posed by infostealer malware. They have launched a dedicated landing page aimed at increasing public awareness and providing strategies for mitigating risks associated with these invasive attacks.
For individuals who may fall victim to such cybercrimes, immediate action is crucial. Kaspersky recommends prompt monitoring of bank notifications, reissuing bank cards promptly, and changing associated passwords to safeguard sensitive information. Two-factor authentication and spending limits can add additional layers of security. In situations where account details may be leaked, vigilance against phishing emails and fraudulent communication is paramount.
For corporate entities, it is vital to proactively monitor dark web markets to detect compromised accounts and strategies for safeguarding both customer and employee data. Companies are encouraged to utilise tools like Kaspersky Digital Footprint Intelligence to track threats and reinforce their cybersecurity frameworks effectively.
IOL