Infostealer malware has compromised nearly 26 million devices over the past two years, leading to the exposure of over 2 million bank card details on criminal marketplaces across the dark web. According to recent findings, cybercriminals are selling stolen business and healthcare data, with some forums even offering one million credit cards for free as a marketing tactic. The scale of these breaches highlights the growing threat of infostealer malware and its ability to steal sensitive financial information.
Designed to capture a wide range of valuable data, infostealer malware targets login credentials, passwords, banking details, and cryptocurrency wallets. The research found that every 14th infection resulted in bank card details being leaked, although the actual number of compromised devices is likely higher, as stolen credentials often appear on the dark web months or even years after an initial breach.
Among the most prevalent infostealers, RedLine accounted for 34% of infections in 2024, while a newer strain, RisePro, saw a significant rise in activity, increasing its share from 1.4% in 2023 to 23% in 2024. RisePro primarily focuses on stealing banking card details, passwords, and cryptocurrency wallets and is often spread through key generators, software cracks, and game modifications.
Detecting whether bank card details have been leaked on the dark web can be difficult, but experts advise individuals to take immediate action if they suspect their data has been compromised.
The first step is to monitor bank notifications for any suspicious activity and, if necessary, request a card reissue. Additionally, changing passwords for online banking platforms and enabling two-factor authentication (2FA) can provide an extra layer of security. Victims should also remain vigilant against phishing attempts, scam calls, and fraudulent messages, as cybercriminals often target affected individuals directly.
Businesses also face serious risks from infostealer malware, particularly when corporate account credentials are stolen.
To mitigate potential damage, organisations should conduct antivirus scans on affected systems, enforce password resets, and analyse activity logs for any unusual access attempts. Implementing multi-factor authentication (MFA) across corporate systems can significantly reduce the likelihood of unauthorised logins. Additionally, proactively monitoring the dark web for leaked credentials can help businesses detect breaches before they lead to severe financial or reputational harm.
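One way to combine the password-reset and log-analysis steps above for accounts that turn up in a leak feed, shown as an added example that is not part of the original article. The log layout, the leak-feed and reset tables, the `triage` function and the 90-day lookback are assumptions; the lookback is there because stolen credentials can surface long after the infection itself.

```python
from datetime import datetime, timedelta

# Constructed sample data; the field layout is an assumption, not a vendor format.
LEAK_FEED = {  # account -> date the credential was first seen in a leak feed
    "alice@example.com": "2024-06-01",
    "bob@example.com": "2024-06-10",
}
RESETS = {"bob@example.com": "2024-06-11T09:00:00"}  # last enforced password reset
AUTH_LOG = """\
2024-01-15T08:01:00 alice@example.com 198.51.100.7 success mfa=yes
2024-04-02T03:12:00 alice@example.com 203.0.113.50 success mfa=no
2024-06-03T08:05:00 alice@example.com 198.51.100.7 success mfa=yes
2024-02-01T09:00:00 bob@example.com 192.0.2.10 success mfa=yes
2024-06-10T22:40:00 bob@example.com 203.0.113.99 failure mfa=no
2024-06-12T10:00:00 bob@example.com 203.0.113.77 success mfa=yes
2024-05-01T10:00:00 carol@example.com 203.0.113.5 success mfa=no
"""

def triage(log_text, leak_feed, resets, lookback_days=90):
    """Per leaked account: is a reset still owed, and which successful
    logins came from addresses never seen before the exposure window?"""
    events = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, user, ip, result, mfa = line.split()
        events.append((datetime.fromisoformat(ts), user, ip, result, mfa == "mfa=yes"))
    events.sort()  # baseline must be built in time order

    report = {}
    for user, seen in leak_feed.items():
        # Treat the account as exposed well before the leak was observed.
        cutoff = datetime.fromisoformat(seen) - timedelta(days=lookback_days)
        reset_at = datetime.fromisoformat(resets[user]) if user in resets else None
        baseline, findings = set(), []
        for ts, u, ip, result, mfa in events:
            if u != user or result != "success":
                continue
            if ts < cutoff:
                baseline.add(ip)  # address known before the exposure window
            elif ip not in baseline and (reset_at is None or ts < reset_at):
                # New address while the stolen password was still valid.
                findings.append((ts.isoformat(), ip, "mfa" if mfa else "no-mfa"))
        report[user] = {"needs_reset": reset_at is None, "suspicious": findings}
    return report

if __name__ == "__main__":
    for account, result in triage(AUTH_LOG, LEAK_FEED, RESETS).items():
        print(account, result)
```

Logins from a new address after the reset are not flagged, since the stolen password no longer works at that point; sessions flagged as `no-mfa` are the ones to review first.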
As the threat of infostealer malware continues to grow, both individuals and businesses must take proactive steps to secure their data. Cybersecurity solutions, including endpoint protection software, remain essential in detecting and preventing malware infections before they result in financial loss. With millions of compromised devices and stolen credentials surfacing on the dark web, staying vigilant and adopting strong security measures has never been more critical.
