What's Happening?
Infostealers have emerged as a significant threat in the cybersecurity landscape, turning millions of devices into tools for credential theft. According to a report by Flashpoint, over 11.1 million devices were infected with infostealers in 2025, leading to the circulation of more than 3.3 billion credentials and other forms of identity in illicit marketplaces. These stolen credentials allow attackers to access targets as if they were authorized users, bypassing security defenses. The infostealers are often available through malware-as-a-service platforms, making them accessible to a wide range of cybercriminals. The most successful strains in 2025 included Lumma, Acreed, Rhadamanthys, Vidar, and StealC, with Vidar dominating in early 2026. These tools are designed to evade detection, often using encryption and obfuscation techniques, and can steal a wide array of data, including credentials, browser cookies, and cryptocurrency wallet information.
Why It's Important?
The rise of infostealers poses a significant threat to both individuals and organizations, as they facilitate unauthorized access to sensitive data and systems. This can lead to severe consequences, such as identity theft, financial loss, and the deployment of ransomware. The ease of access to these tools through underground markets and their ability to evade traditional security measures make them particularly dangerous. Organizations may face increased costs related to data breaches, including legal liabilities, reputational damage, and the need for enhanced cybersecurity measures. The widespread availability and use of infostealers highlight the need for improved cybersecurity practices and awareness to protect against these evolving threats.
What's Next?
As infostealers continue to evolve, cybersecurity professionals and organizations must adapt their strategies to mitigate the risks associated with these threats. This includes investing in advanced threat detection and response systems, enhancing employee training on cybersecurity best practices, and implementing robust access controls. Law enforcement agencies are likely to intensify efforts to disrupt the distribution of infostealers and prosecute those involved in their creation and use. Additionally, there may be increased collaboration between public and private sectors to share threat intelligence and develop more effective defenses against credential theft and related cybercrimes.











