Understanding recent credential leaks and the rise of InfoStealer malware
The post Understanding recent credential leaks and the rise of InfoStealer malware appeared on BitcoinEthereumNews.com.
Opinion by: Jimmy Su, Binance chief security officer

The threat of InfoStealer malware is on the rise, targeting people and organizations across digital finance and far beyond. InfoStealers are a category of malware designed to extract sensitive data from infected devices without the victim’s knowledge. This includes passwords, session cookies, crypto wallet details and other valuable personal information. According to Kaspersky, these malware campaigns leaked over 2 million bank card details last year. And that number is only growing.

Malware-as-a-service

These tools are widely available via the malware-as-a-service model. Cybercriminals can access advanced malware platforms that offer dashboards, technical support and automatic data exfiltration to command-and-control servers for a subscription fee. Once stolen, data is sold on dark web forums, Telegram channels or private marketplaces.

The damage from an InfoStealer infection can go far beyond a single compromised account. Leaked credentials can lead to identity theft, financial fraud and unauthorized access to other services, especially when credentials are reused across platforms.

Binance’s internal data echoes this trend. In the past few months, we’ve identified a significant uptick in the number of users whose credentials or session data appear to have been compromised by InfoStealer infections. These infections don’t originate from Binance but affect personal devices where credentials are saved in browsers or auto-filled into websites.

Distribution vectors

InfoStealer malware is often distributed via phishing campaigns, malicious ads, trojan software or fake browser extensions. Once on a device, it scans for stored credentials and transmits them to the attacker.

The common distribution vectors include:

- Phishing emails with malicious attachments or links.
- Fake downloads or software from unofficial app stores.
- Game mods and cracked applications shared via Discord or Telegram.
- Malicious browser extensions or add-ons.
- Compromised websites that…
Filed under: News - @ March 28, 2025 11:24 pm