As high-street retailers in the U.K. are the latest to fall victim to devastating cyberattacks, with ransomware high on the criminal agenda, now is the time to start taking one oft-undervalued attack type very seriously indeed. Infostealer malware is responsible for the theft of billions of credentials that find their way onto the dark web and other criminal forums. These are often used as the initial access vector for any number of cyberattacks, from ransomware to espionage, against businesses. The true extent of the infostealer problem has just been made very apparent in a new threat intelligence report that revealed how businesses are experiencing a 266% surge in the attack type.
The Infostealer Epidemic That Endangers Your Business
When it comes to the criminal underworld, at least those players operating in the cyber arena, there’s one thing that holds more value, more currency, than anything else: credential theft. There is a very good reason for this, as you might imagine. Stolen and compromised passwords, along with two-factor authentication codes, can open the door to your networks and the corporate data within. Most ransomware attacks begin with an initial access broker providing such compromised credentials to a criminal affiliate of the ransomware operators who is responsible for accessing your systems and installing the malware. It’s not hyperbole to say that infostealer malware likely poses a bigger danger to your business than any other cyber threat right now.
A new report from threat intelligence experts KELA has now revealed just how big a threat to business it is. What’s more, the threat intelligence analysts have managed to determine which business sectors are most at risk.
KELA warned that a 266% surge in the infostealer threat shows no sign of slowing down in 2025, especially as the research “highlights how cybercriminals are efficiently monetizing stolen credentials,” Lin Levi, KELA threat intelligence analyst, said, “creating a thriving underground market.”
The Infostealer Threat Intel Takeaways
The main takeaways from the Kela threat intelligence report can be summed up as:
- Infostealers are being sold, or rented out, to cybercriminal gangs on a malware-as-a-service basis.
- Cybercriminals are quickly moving to automated marketplaces and subscription-based models when it comes to the purchase of stolen credentials.
- Employees in project management (28%), consulting (12%), and software development (10.7%) roles were most frequently affected by the infostealer threat.
- Technology ranked as the most targeted industry sector, but aviation, IT services, automotive, manufacturing, professional services and non-profits weren’t far behind.
- Personal computers storing corporate credentials were more commonly infected than work devices.
“Organizations must prioritize proactive measures such as credential security to disrupt these attack chains before they escalate into breaches and ransomware incidents,” Levi concluded.
Mitigating The Infostealer Malware Threat To Your Organization
To best protect against the threat of infostealer attacks against your business, Kela recommended the following seven mitigations:
- Active defense monitoring
- Proactive access management
- Robust antivirus solutions
- Employee awareness training
- Multi-factor authentication
- Audit and review of access logs
- Incident response plan management
The main takeaway, no matter what your business is, has to be that infostealer malware can no longer remain in the shadows when security is being discussed.