Malware Steals 1.7 Billion Passwords — Publishes Them To Dark Web
The infostealer malware threat has just grown dramatically.
If you think that your password is safe and secure, the chances are you are wrong. Sorry to be the bearer of bad news, but the evidence isn’t comforting. Unless you are among the relative few that really do take their security seriously, especially when concerning passwords and their management, reuse and construction, the hackers already have the upper hand. A new analysis has confirmed the extent to which this is true, as infostealer malware publishes 1.7 billion compromised passwords to crime forums on the dark web. Here’s what you need to know.
Snapshot Of Global Threat Landscape Reveals Shocking Rise In Compromised Passwords
I have been warning readers of the dangers of infostealer malware for the longest time now. It has been apparent to me, and most cybersecurity professionals, that this single malware threat has a disproportionate impact on the attack landscape. Think about it, if a hacker, cybercriminal, state-sponsored espionage group, heck, any threat actor at all, wants access to your systems, accounts and data, what’s the easiest way to do that? Sure, they can exploit unpatched vulnerabilities, conduct multi-level supply chain attacks, or use adversary-in-the-middle tactics, but the easiest method is to use your login credentials. Stealing passwords is big business; in fact, there’s a whole sector within the cybercrime industry that has been built around it, known as initial access brokering. At the center of this industry is malware: infostealer malware.
Now, the 2025 Global Threat Landscape Report from FortiGuard Labs has confirmed what many of us already knew: the infostealer malware threat is growing at a rapid rate. The report, a snapshot of cybercrime activity across the planet during 2024, has revealed that the infostealer malware threat has grown by an incredible 500% in just 12 months. Hackers are using the malware to compromise systems, and the report said, have made 1.7 billion stolen passwords available in dark web criminal marketplaces.
Compromised Passwords Are The Currency of Cybercrime
With cybercriminals having access to more than 100 billion compromised credentials in total on underground forums, representing a 42% spike from the year before, the FortiGuard Labs report warned that this has enabled groups like BestCombo, BloddyMery, and ValidMail to package and validate stolen passwords, usernames and email addresses into “combo lists” used to populate automated credential-stuffing attacks. These groups have helped fuel “a surge in account takeovers, financial fraud and corporate espionage,” the report said.
“The traditional security playbook is no longer enough,” Derek Manky, chief security strategist at Fortinet’s FortiGuard Labs, said. “Organizations must shift to a proactive, intelligence-led defense strategy powered by AI, zero trust, and continuous threat exposure management to stay ahead of today’s rapidly evolving threat landscape.” And that includes taking better care of your passwords to prevent the rapidly-evolving infostealer malware threat.