Malware Steals Bank Cards and Passwords from Millions of Devices

Infostealer malware is making waves in the cybersecurity world, and not in a good way. This sneaky software, which can swipe everything from bank card details to passwords and sensitive media, is becoming more sophisticated and widespread. Some variants are even sold as subscription services to hackers, much like how we pay for Netflix. Yes, hackers now have a business model. Lovely, isn’t it?

A recent report by Kaspersky Digital Footprint Intelligence reveals some jaw-dropping statistics: nearly 26 million devices fell victim to infostealer malware between 2023 and 2024, and over 2 million unique bank card details were leaked. To top it off, one in every 14 infections led to stolen bank card information. But it doesn’t stop there—passwords, two-factor authentication cookies, and other sensitive credentials were also compromised.

In 2024, infections surged, driven by malware strains like RisePro and Stealc. RisePro, for example, jumped from accounting for just 1.4% of infections in 2023 to a staggering 22.45% in 2024. Meanwhile, Stealc, first detected in 2023, rose from 2.65% to 13.33%. Still, the infamous Redline remains the reigning champion of chaos, responsible for 34.36% of all infections.

By August 2024, researchers estimated that 15.9 million devices had been infected in 2023. Fast forward to March 2025, and that number climbed to 16.49 million, exceeding earlier predictions by 3.69%. And it’s not over yet—new infection logs from 2023 keep surfacing on the dark web, suggesting the real numbers might be even higher.

So, how can you protect yourself? Here are six crucial tips:

• Use strong antivirus software: Regularly update and scan with antivirus tools to detect and block malware before it causes harm.
• Switch to virtual cards: Use temporary virtual cards for online transactions instead of exposing your real bank card details.
• Enable transaction alerts and spending limits: Get real-time notifications and cap your daily spending to catch unauthorized activity quickly.
• Avoid storing card details in browsers: Infostealers love autofill data. Use a secure password manager instead of saving payment info in Chrome, Edge, or Firefox.
• Be password-savvy: Use strong, unique passwords and change them frequently. A password manager can make this easier.
• Consider data removal services: These can help monitor and remove your personal data from websites over time.

Infostealer malware often masquerades as legitimate apps or employs clever social engineering techniques, tricking even the most cautious among us. The best defense? Stay vigilant online, and arm yourself with tools like password managers and antivirus software. It’s not just about being smart—it’s about being prepared.