Cybercriminals ramped up their use of infostealer malware in 2024, targeting millions of users to steal login credentials, cryptocurrency, and other sensitive data. One of the most notorious infostealers, Lumma, was actively used to breach Android, Windows, iOS, and Mac devices.
A recent cybersecurity report from KELA revealed that hackers using Lumma, StealC, Redline, and other infostealers compromised a staggering 4.3 million machines, leading to the theft of 330 million credentials. Even more concerning, 3.9 billion credentials were found circulating in cybercrime forums, sourced directly from infostealer logs.
How Infostealers Are Compromising Corporate Security
Cybercriminals aren’t just targeting individuals—they’re infiltrating corporate networks by stealing employee login credentials. The Snowflake breach in April 2024 is a prime example: Hackers used stolen credentials—many obtained through infostealers—to access customer accounts. Without multi-factor authentication (MFA) in place, attackers extracted valuable data from at least 165 companies, later selling it on underground markets.
According to the KELA report:
🔹 40% of infected machines contained credentials for corporate systems, including email accounts, CMS platforms, and remote desktop environments.
🔹 1.7 million compromised bots led to the theft of 7.5 million corporate credentials.
🔹 Nearly 65% of infected devices were personal computers storing work-related login information, making them an easy target for cybercriminals.
Why Companies Must Train Employees on Phishing, Vishing, and Imposters
While law enforcement has made strides in disrupting major infostealer operations, cybercriminals continue to evolve. With malware-as-a-service platforms becoming more sophisticated, organizations must prioritize cybersecurity training to prevent these attacks.
🔹 Phishing attacks trick employees into clicking malicious links or downloading infected attachments, allowing infostealers to spread.
🔹 Vishing (voice phishing) uses social engineering tactics over the phone to manipulate employees into revealing login credentials or bypassing security protocols.
🔹 Imposter scams involve cybercriminals posing as IT personnel, executives, or vendors to gain access to sensitive systems.
A single compromised credential can open the door to a massive data breach, leading to financial losses, reputational damage, and regulatory penalties. Training employees to recognize and respond to these threats is one of the most effective ways to safeguard company data.
The Outlook for 2025
Infostealers aren’t going away—in fact, they’re expected to become even more advanced in 2025. Organizations must stay proactive, enforcing multi-factor authentication, strengthening endpoint security, and educating employees on how to spot cyber threats before they escalate.
Stay protected! Make cybersecurity awareness a company-wide priority and ensure your team is equipped to defend against the next wave of attacks.