Kaspersky: stealer malware leaked over 2 million bank cards

 Kaspersky Digital Footprint Intelligence estimates that 2.3 million bank cards were leaked on the dark web, based on an analysis of data-stealing malware log files from 2023-2024. On average, every 14th infostealer infection results in stolen credit card information, with nearly 26 million devices compromised by infostealers, including more than 9 million in 2024 alone. Kaspersky released its report on the infostealer threat landscape while the technology world gathers at MWC 2025 in Barcelona. Kaspersky experts estimate that approximately 2,300,000 bank cards have been leaked on the dark web. This conclusion is based on an analysis of the log files from data-stealing malware, dated 2023-2024, that were leaked on the dark web market. While globally the share of leaked cards is well below one percent, 95% of the observed numbers appear technically valid. Infostealer malware is not only designed to extract financial information, but also credentials, cookies and other valuable user data, which is compiled into log files and then distributed within the dark web underground community. An infostealer can infect a device if a victim unknowingly downloads and runs a malicious file, for example one disguised as legitimate software, such as a game cheat. It can be spread through phishing links, compromised websites, malicious attachments in emails or messengers and various other methods. It targets both personal and corporate devices. Data-stealer threat landscape: 26 million devices found to be compromised over 2023-2024 On average, every 14th infostealer infection results in stolen credit card information. Kaspersky Digital Footprint Intelligence experts found that nearly 26 million devices running Windows were infected with various types of infostealers in the past two years.