Infostealer
Cybersecurity statistics about infostealer
Showing 1-20 of 21 results
WhiteSnake Stealer was the most widely observed infostealer family, accounting for 31.6% of all tracked output, followed by RedLine at 23.9%, Rhadamanthys at 17.1%, and StealC at 6.9%.
In 2025, the Lumma infostealer was responsible for 2.2 million dark web listings, roughly 42% of the total.
Credential-stealer infections were dominated by RedLine with 911,968 infections (50.80%), Lumma with 499,784 infections (27.84%), and Vidar with 236,778 infections (13.19%).
Infostealer infection attempts increased 58% in 2024.
Infostealer malware has tripled in prevalence.
Both infostealer infections and compromised credentials are on track to surpass 2024 figures, which saw over 4.3 million machines infected with approximately 330 million compromised credentials. This indicates a 24% increase YoY in these areas.
2.67 million machines were infected by infostealer malware in H1 2025. This led to more than 204 million compromised credentials being observed.
The theft of credentials via information-stealing malware has skyrocketed by 800% since the start of 2025.
Infostealers are projected to account for 35% of detected malware threats in 2025.
There has been a 156% increase in cyberattacks that target user logins, specifically attributed to info-stealing malware and advanced phishing kits.
Infostealer malware attacks have surged by 58% in Latin America.
Lumma Stealer is now the top type of malware and accounts for over 25% of recorded infostealer attacks worldwide.
Before disruption, Lumma Stealer activity in H1 2025 was higher than in H2 2024 (+21%).
Lumma Stealer accounts for over 50% of infostealer attacks on the US SLED sector.
Infostealer activity has surged by 266% in recent years.
FortiGuard Labs observed a 500% increase in the past year in logs available from systems compromised by infostealer malware.
Early data from 2025 suggests an even greater increase of 180% of weekly infostealer volume compared to 2023.
The number of infostealers delivered via phishing emails per week increased by 84% year-over-year.
Analysis of dark web data reveals listings of infostealer advertisements increased 12% in 2024 over the previous year.
There was a 12% year-over-year increase of infostealer credentials for sale on the dark web.