In 2023, a significant increase in data-stealing malware attacks targeted nearly 10 million devices, resulting in the compromise of over 325 million accounts.


Cybercriminals utilized data-stealing malware, or “infostealers”, to harvest an average of 50.9 login credentials per infected device [1] [2]. The most affected domain was com, with Brazil [2], India [2], Colombia [2], Vietnam [2], and the United Kingdom also experiencing high levels of compromise. While there was a slight decrease in infections compared to the previous year [1] [2], leaked credentials could still pose a threat as they may surface on the dark web. The dark-web value of log files containing login credentials varies [2], with prices starting at $10 per log file [1] [2]. To address this growing threat, Kaspersky recommended deploying comprehensive security solutions on all devices and actively monitoring leaks for prompt password changes [2].


The increase in data-stealing malware attacks highlights the heightened risk to individuals and businesses. To mitigate this threat, it is crucial to implement robust security measures and stay vigilant against potential breaches. As cybercriminals continue to evolve their tactics, proactive security measures are essential to safeguard sensitive information and prevent future attacks.