The Rise of Infostealers: A Growing Threat to Cybersecurity

2025-02-04

The infostealer malware family continued to make waves in the cybersecurity landscape in 2024, with significant growth in popularity within the cybercrime underground. These malicious tools, designed to steal sensitive credentials, contributed to a surge in cyberattacks targeting user data and online accounts. According to Picus Security’s Red Report 2025, this increasing trend highlights a major shift toward more sophisticated, targeted attacks. In this article, we delve into the findings of the report and explore how these new tactics are reshaping the threat environment.

Key Insights from the Red Report 2025

In 2024, infostealer malware made up a significant share of the analyzed threats, accounting for 29% of the malware samples examined by Picus Security. The report analyzed over a million malware samples and mapped 14 million malicious actions, uncovering a clear trend: cybercriminals are targeting password managers, browser-stored credentials, and cached login data at an alarming rate.

A three-fold increase in malware strains designed to target credential stores indicates a growing demand for compromised logins. Once attackers steal these credentials, they gain the ability to move laterally within compromised systems, often escalating their privileges to access sensitive information.

The report also highlighted several additional troubling trends:

  • Stealth and Evasion Techniques: Process injection, which was observed in 31% of malware samples, helps attackers evade detection by injecting code into legitimate processes.
  • Real-Time Data Theft: Cybercriminals are accelerating their attacks with techniques like keylogging, screen capturing, and audio interception.
  • Persistence Methods: Malware is increasingly using techniques like “Boot or Logon Autostart Execution” to survive reboots and removal attempts.
  • Sophistication of Attacks: The complexity of attacks has grown, with each malware sample now performing an average of 14 malicious actions and employing 12 different MITRE ATT&CK techniques.

What Undercode Says: The Evolving Landscape of Infostealers and Cyber Threats

The findings from Picus

The three-fold increase in the use of infostealers targeting credential stores is a sign that attackers are becoming more efficient at exploiting weak points in cybersecurity defenses. Password managers and browser-stored credentials are the primary targets, as these tools contain sensitive login information that can provide attackers with near-unfettered access to systems.

This trend is concerning, as many organizations rely on password managers as a core component of their cybersecurity strategy. As infostealers continue to evolve, cybercriminals are able to bypass traditional defense mechanisms, such as anti-virus software and intrusion detection systems. By leveraging advanced techniques like process injection and evasion methods, attackers can remain undetected while exfiltrating valuable data.

Furthermore, the increased use of real-time data theft methods, including keyloggers and screen capture utilities, signals a shift toward more aggressive, faster attacks. Cybercriminals no longer need to wait for hours or days to steal sensitive information; they can now act in real time, making it more difficult for organizations to identify and mitigate breaches before significant damage is done.

One of the most alarming findings in the report is the growing sophistication of the malware itself. Attackers are no longer limited to basic data exfiltration techniques. The ability to perform multiple malicious actions, often using multiple layers of attack techniques, allows cybercriminals to achieve their objectives with higher precision and fewer chances of detection. This multi-stage complexity not only makes these attacks harder to detect but also harder to defend against.

The recommendation to pair password managers with multi-factor authentication (MFA) is more critical than ever. MFA adds an additional layer of security that can help thwart many infostealer attacks by requiring attackers to bypass more than just the stolen credentials. However, the use of MFA is not foolproof, and organizations must remain vigilant, ensuring that employees follow best practices for password security—such as not reusing passwords, especially for critical tools like password managers.

With the growing maturity of cybercriminal operations,

In conclusion, as the infostealer malware family continues to evolve and adapt to new defensive measures, it is crucial for organizations to stay ahead of the curve. By investing in advanced security measures, training employees on good password hygiene, and pairing password managers with strong multi-factor authentication, businesses can better protect themselves from this growing cyber threat. The future of cybersecurity will rely on an organization’s ability to not just respond to attacks, but to anticipate them, adapting quickly to an ever-changing threat landscape.

References:

Reported By: https://www.infosecurity-magazine.com/news/threefold-increase-malware/