26 Million Devices Hit By Infostealers—Bank Cards Leaked To Dark Web

Infostealers grab bank card data by the millions.

GETTY

Update, March 7, 2025: This story, originally published March 4, has been updated with advice from Kaspersky as to what you should do if your stolen consumer bank card data is leaked on the dark web as well as a step-by-step response guide for corporate account compromises.

Criminal marketplaces on the dark web, only accessible by way of a special web browser and often by invite only depending on the forum concerned, are selling full access to small businesses for $600 and access to insanely valuable healthcare data for $1,000 a pop. But it’s the threat from infostealer malware that is of most concern right now, not just in terms of the gargantuan number of passwords that are available in logs for sale, but the sheer number of stolen credit cards as well.

One such forum was seen offering to give away a million credit cards for free just as a marketing exercise, for goodness sake. Now Kaspersky threat intelligence specialists have revealed the extent to which infostealer malware and bank card theft go hand in hand.

FORBES1 Million Android Consumer Backdoors Confirmed—What You Need To KnowBy Davey Winder

One In Every 14 Infostealer Infections Leaks Bank Cards To The Dark Web

Nearly 26 million devices were compromised by infostealer malware across 2023 and 2024, leading to the leak of more than 2 million unique bank card details, according to newly published research from the Kaspersky Digital Footprint Intelligence unit. Indeed, the Kaspersky analysts said that every 14th such infection led to bank card details being stolen. Of course, infostealers are designed to grab much more than debit or credit card data, the malware will go after any information it can find that could be deemed valuable. So, we more often hear about how campaigns compromise passwords, second-factor authentication cookies and the like. But it’s hard to ignore the bank card numbers when you see them in black and white like this.

That 26 million devices number related to those running Windows between the start of 2023 and the end of 2024, the Kaspersky report said. “The actual number of infected devices is even higher,” said Sergey Shcherbel, an expert at Kaspersky Digital Footprint Intelligence. “Cybercriminals often leak stolen data in the form of log files months or even years after the initial infection, and compromised credentials and other information continue to surface on the dark web over time.”