ISLAMABAD: An international cyber security firm disclosed Thursday that around 2.3 million bank cards were leaked on the dark web globally, based on an analysis of data-stealing malware log files from 2023-2024.
In its latest report, Kaspersky Digital Footprint Intelligence estimated that on average, every 14th infostealer infection results in stolen credit card information, with nearly 26 million devices compromised by infostealers, including more than 9 million in 2024 alone across the world.
Infostealer malware is not only designed to extract financial information, but also credentials, cookies and other valuable user data, which is compiled into log files and then distributed within the dark web underground community.
Financial sector sees sharp increase in cyber threats during 2024
An infostealer can infect a device if a victim unknowingly downloads and runs a malicious file, for example one disguised as legitimate software.
It can be spread through phishing links, compromised websites, malicious attachments in emails or messengers and various other methods. It targets both personal and corporate devices.
“The actual number of infected devices is even higher. Cybercriminals often leak stolen data in the form of log files months or even years after the initial infection, and compromised credentials and other information continue to surface on the dark web over time.
Therefore, the more time passes, the more infections from previous years we observe. We forecast the total number of devices infected with infostealer malware in 2024 to be between 20 million and 25 million, while for 2023, the estimate ranges between 18 million and 22 million,“ says Sergey Shcherbel, expert at Kaspersky Digital Footprint Intelligence.
In light of this growing infostealer threats, Kaspersky has launched a dedicated landing page to raise awareness of the issue and provide strategies for mitigating associated risks.
Learn more at in the report. If you encounter a data leak through infostealers, act promptly if you suspect your bank card details are leaked: monitor bank notifications, reissue the card and change your bank app or website password.
Enable two-factor authentication and other verification methods. Run full security scans on all devices, removing any detected malware, the company added.
Copyright Business Recorder, 2025
Comments