Kaspersky has alerted the public that data-stealing malware known as infostealers, are on the rise, posing grave risks to individuals and businesses, according to the cybersecurity company.
These malicious programs target logins and passwords on devices, posing a risk to both personal and corporate data, according to a report from Kaspersky’s Digital Footprint Intelligence made available to Technology Times.
Redline remains the most used infostealer, infecting over half (55%) of devices targeted in password-stealing attacks during 2023. However, the market is seeing a rise in new threats. Lumma, a stealer that emerged in 2022, has quickly gained popularity as the malware is responsible for over 6% of infections in 2023 alone.
Infostealers infiltrate devices and steal sensitive information like login details. This stolen data is then sold on the dark web, a hidden part of the internet used for illegal activities. The stolen information can be used by criminals to access bank accounts, email, social media profiles, and other sensitive data.
Kaspersky.
Infostealers: Inside the rising wave of malware
Redline Stealer or Redline is a Malware-as-a-Service (MaaS) that threat actors use to steal victims’ sensitive data and infect other systems.
Kaspersky further alerted that “Redline was used in 51% of infostealer infections from 2020 to 2023. Other notable malware families included Vidar (17%) and Raccoon (nearly 12%). In total, around 100 distinct infostealer types were identified by Kaspersky Digital Footprint Intelligence between 2020 and 2023 using metadata from log-files.”
Infostealers infiltrate devices and steal sensitive information like login details. This stolen data is then sold on the dark web, a hidden part of the internet used for illegal activities. The stolen information can be used by criminals to access bank accounts, email, social media profiles, and other sensitive data.
Sergey Shcherbel, an expert at Kaspersky, revealed that, “Lumma emerged in 2022 and gained popularity in 2023 through a Malware-as-a-Service (MaaS) distribution model. This means any criminal, even those without advanced technical skills, can purchase a subscription for a pre-made malicious solution and use this stealer to carry out cyberattacks. Lumma is primarily designed for stealing credentials and other information from cryptocurrency wallets, commonly spread through email, YouTube, and Discord spam campaigns.”
To mitigate these cybersecurity challenges, Kaspersky recommends installing comprehensive security solutions on all devices to protect against these threats. “This will help prevent infections and alert them to dangers, such as suspicious sites or phishing emails that can be an initial vector for infection. Companies can help their users, employees, and partners protect themselves from the threat by proactively monitoring leaks and prompting users to change leaked passwords immediately,” the technology security company said.
