A comprehensive investigation by Kaspersky Digital Footprint Intelligence has uncovered an alarming cybersecurity threat, revealing that stealer malware has compromised over 2.3 million banking cards globally during 2023-2024. Technical analysis confirms that 95% of the stolen data corresponds to legitimate payment cards, highlighting the severity of this growing financial security crisis.
Global Impact and Infection Statistics
The research indicates an unprecedented scale of attacks, with approximately 26 million Windows devices falling victim to various stealer malware variants over the past two years. The investigation reveals that one in every 14 infections results in payment card data theft, demonstrating the attackers’ increasing efficiency in targeting financial information. Threat actors deploy multiple attack vectors, including sophisticated phishing campaigns, compromised websites, and malicious attachments distributed through email and messaging platforms.
Threat Evolution and Market Dynamics
Security analysts project continued growth in stealer malware activities, with infected device numbers expected to reach 20-25 million in 2024, maintaining the high infection rates observed in 2023 (approximately 22 million devices). The actual impact may be significantly higher, as cybercriminals often delay the release of stolen data on dark web marketplaces for months or years after successful attacks.
Dominant Malware Variants Analysis
RedLine maintains its position as the leading stealer in 2024, accounting for approximately one-third of all detected infections. However, the rapid emergence of RisePro presents a significant concern, with its market share surging from 1.4% in 2023 to nearly 23% in 2024. Similarly, Stealc, a relatively new entrant that appeared in 2023, has expanded its presence from 3% to 13% in 2024.
RisePro: Emerging Sophisticated Threat
RisePro represents a particularly sophisticated threat, employing advanced masquerading techniques by disguising itself as legitimate software, including key generators, software cracks, and gaming modifications. This stealer specifically targets banking card data, cryptocurrency wallets, and user credentials, making it a significant threat to users’ financial security.
To combat these evolving threats, cybersecurity experts recommend implementing robust security measures, including deploying advanced antivirus solutions with real-time protection capabilities, maintaining regular software updates, exercising caution when downloading files from unverified sources, and enabling two-factor authentication for all financial transactions. Additionally, organizations should invest in employee cybersecurity awareness training and implement comprehensive security policies to mitigate the risk of stealer malware infections.
