Infostealers Exploit Millions of Devices, Facilitating Credential Theft and Ransomware Attacks
Infostealers have emerged as a significant threat in the cybersecurity landscape, turning millions of devices into tools for credential theft. According to a report by Flashpoint, over 11.1 million devices were infected with infostealers in 2025, leading to the circulation of more than 3.3 billion credentials and other forms of identity in illicit marketplaces. These stolen credentials allow attackers to access targets as if they were authorized users, bypassing security defenses. Infostealers are often available through malware-as-a-service platforms, which makes them accessible to a wide range of cybercriminals. The most successful strains in 2025 included Lumma, Acreed, Rhadamanthys, Vidar, and StealC, with Vidar dominating in early 2026. These tools are designed to evade detection, often using encryption and obfuscation techniques, and can steal a wide array of data, including credentials, browser cookies, and cryptocurrency wallet information.