Billions of Passwords Exposed: Is Your Data at Risk?

We saw a rise in infostealer malware in 2024, with hackers using it to steal credentials, cryptocurrency and other personal data from millions of users. A new cybersecurity report highlights that hackers using Lumma, along with StealC, Redline and other infostealers, infected 4.3 million machines in 2024, leading to an astonishing 330 million compromised credentials. Security researchers have also observed 3.9 billion credentials shared in credential lists that appear to be sourced from infostealer logs. A cybersecurity report by threat intelligence platform KELA has uncovered a sharp rise in infostealer malware in 2024. Researchers also observed an alarming trend in how stolen data was circulated. Large compilations of credentials, often referred to as "credential lists," were being shared across cybercrime forums. These lists, primarily sourced from infostealer logs, contained billions of login details harvested from infected devices. One of the most notable incidents linked to infostealer malware was the breach of Snowflake, a cloud data storage provider. In April 2024, threat actors gained access to customer accounts using stolen login credentials, many of which were obtained through infostealers. Exploiting weak security practices, such as the absence of multifactor authentication, attackers extracted valuable data and later attempted to sell it on underground markets. The breach affected at least 165 companies. The KELA report highlights that hackers deploying Lumma, StealC, Redline and other infostealers infected 4.3 million machines, leading to the compromise of 330 million credentials. Nearly 40% of these infected machines contained credentials for corporate systems, including content management platforms, email accounts, Active Directory Federation Services and remote desktop environments. In total, this accounted for 1.7 million compromised bots and 7.5 million stolen credentials. The report also found that 3.9 billion credentials were shared in credential lists that appear to be sourced from infostealer logs. KELA’s analysis suggests that almost 65% of infected devices were personal computers storing corporate credentials, making them a prime target for infostealer malware. Infostealer malware is not going anywhere in 2025. With malware-as-a-service platforms on the rise and infostealers becoming more advanced, cybercriminals will likely keep using them as a go-to method for stealing credentials and gaining access to systems. Law enforcement has been cracking down, though. In 2024, authorities managed to take down key parts of the infostealer ecosystem, including disrupting Redline, one of the most widely used infostealers. This showed that international agencies can go after not just the malware developers but also the networks and underground markets that keep these operations running. But takedowns like these rarely put an end to the problem. When one major infostealer operation is shut down, others quickly step in to take its place. The constant demand for stolen credentials and the ability of cybercriminals to adapt means infostealer attacks will likely remain a major threat in 2025. With infostealer malware becoming a growing threat, protecting your data requires a mix of smart security habits and reliable tools. Here are some effective ways to keep your information safe: **1. Enable two-factor authentication (2FA):** Even if your credentials are stolen, 2FA adds an extra layer of security by requiring a second form of verification, such as a code from an authentication app or biometric confirmation. Cybercriminals rely on stolen usernames and passwords to break into accounts, but with 2FA enabled, they cannot gain access without the additional security step. Make sure to enable 2FA on important accounts like email, banking and work-related logins. **2. Use strong antivirus software and be cautious with downloads and links:** Infostealer malware often spreads through malicious downloads, phishing emails and fake websites. Avoid downloading software or files from untrusted sources and always double-check links before clicking them. Attackers disguise malware as legitimate software, game cheats or cracked applications, so it is best to stick to official websites and app stores for downloads. **3. Use a password manager:** Many infostealers target saved passwords in web browsers. Instead of relying on your browser to store credentials, use a dedicated password manager. **4. Keep software updated:** Cybercriminals exploit outdated software to deliver malware. Keeping your operating system, browsers and security software up to date ensures that known vulnerabilities are patched. Enable automatic updates whenever possible and install reputable antivirus or endpoint protection software that can detect and block infostealer threats before they compromise your system. Given the surge in infostealer malware warnings, it is clear that cybercriminals are actively targeting passwords. Both organizations and individuals are urged to strengthen their security measures by enabling 2FA, monitoring credential exposure and using endpoint protection tools. While no security measure is completely foolproof, combining these practices can significantly reduce the risk of falling victim to infostealer malware.