Millions of Bank Cards Exposed on the Darknet

Silicon Editorial,
Linkedin
Millions of Bank Cards Exposed on the Darknet

According to estimates by security service provider Kaspersky, data from 2.3 million bank cards has been leaked over the past two years.

Analyses also reveal that credit card information is stolen in approximately every 14th infection with an infostealer. Kaspersky reports that 26 million Windows devices have already been compromised by stealers, with 9 million cases occurring in 2024 alone. An estimated 95% of the data leaked on the darknet is believed to be accurate.

At the same time, the security specialist emphasizes that less than one in a hundred bank cards worldwide is affected. Nonetheless, Kaspersky provides further background information in a press release published today. Here are some key excerpts:

Infostealers extract not only financial information but also login credentials, cookies, and other valuable user data. This stolen information is then sold on the darknet as log files. Infections occur unnoticed when victims download and execute malicious files disguised as legitimate software—such as game cheats.

Infostealers spread through phishing links, compromised websites, and malicious email or messenger attachments, affecting both individuals and businesses. In 2023 and 2024, various infostealers infected at least 26 million Windows devices.

Active Infostealers: RedLine, RisePro, and Stealc

"However, the actual number of infected devices is likely much higher," explains Sergey Shcherbel from Kaspersky. "Cybercriminals often distribute stolen data months or even years after the initial infection. As a result, login credentials and other sensitive information gradually appear on the dark web over time. The longer the period, the more infections from previous years come to light. We estimate that the total number of devices infected with an infostealer in 2024 will likely range between 20 and 25 million, while the estimated number of infections in 2023 falls between 18 and 22 million."

In 2024, the most widespread infostealer was RedLine, accounting for 34% of all infections. RisePro, which was responsible for just 1.4% of infections in 2023, surged to 23% in 2024.

"This makes RisePro an increasing threat," says Shcherbel. "First discovered two years ago, it now appears to be gaining momentum. RisePro primarily targets bank card data, passwords, and cryptocurrency wallets, spreading through key generators, software cracks, and game modifications."

Another rapidly spreading infostealer, Stealc, first appeared in 2023. Its share of infections grew from just under 3% to 13% in 2024.

Protection Recommendations

If users suspect their bank details have been stolen, they should take immediate action:

  • Check messages from the bank and request a new card if necessary.
  • Change passwords for banking apps and online banking accounts.
  • Enable two-factor authentication or other security measures.
  • Set a payment limit if needed.

If account or balance data has been leaked, users should remain highly vigilant against phishing emails, fraudulent text messages, or scam phone calls. When in doubt, always contact the bank directly.

Additionally, users should:

  • Change passwords for compromised accounts and monitor transactions closely.
  • Conduct full security scans on all devices and remove any detected malware.

For businesses, proactively monitoring the darknet for compromised accounts can help mitigate risks before they pose a threat to customers or employees.