Kaspersky Lab specialists report, that last year more than half of the devices attacked by stealers in the world (55%) were infected with RedLine malware. In total, about 10 million systems were affected by information stealers in 2023, and the number of infections increased by 35% from 2022 to 2023.
Researchers remind that RedLine has been active since 2020. This malware allows attackers to steal logins, passwords, cookies, bank card and crypto wallet data, as well as download and run third-party programs. RedLine is distributed, among other things, through spam mailings and third-party downloaders.
Advertisement
Overall, in 2020-2023, RedLine was used in 51% of cases of device infection with stealers. It is followed by Vidar (17%) and Raccoon (about 12%).
In total, between 2020 and 2023, experts discovered more than 100 types of information stealers. At the same time, from 2021 to 2023, the share of attacks using new families of such malware increased from 4% to 28%. For example, in 2023, the Lumma stealer alone accounted for more than 6% of infections.
It is noted that the data collected by stealers is usually sold to other criminals on the darknet, but is sometimes even published for free. In this way, some hackers try to increase their reputation in the community.
Advertisement
However, log files are often not published immediately. For example, data could be stolen in 2022, and the log file appeared only a year later. Because of this, experts expect a further increase in the number of infections, given the number of stealer attacks recently.