A Modern-Day Plague: Infostealers Expose Billions Of Log-In Credentials, Compromising Digital Safety

Some 30 datasets, filled with 16 billion login credentials that had been stolen by cybercriminals from platforms like Apple, Google, and Facebook, have been found on the dark web, Cybernews reported last week.

"This is not just a leak – it's a blueprint for mass exploitation. With over 16 billion login records exposed, cybercriminals now have unprecedented access to personal credentials that can be used for account takeover, identity theft, and highly targeted phishing. What's especially concerning is the structure and recency of these datasets – these aren't just old breaches being recycled. This is fresh, weaponizable intelligence at scale," Cybernews' researchers said.

Don't Miss:

• Trade crypto futures on Plus500 with up to $200 in bonuses — no wallets, just price speculation and free paper trading to practice different strategies.
• Grow your IRA or 401(k) with Crypto – unlock the power of alternative investments including a Crypto IRA within your retirement account.

Following the release of that information, experts are warning CNBC that infostealers — a form of malware that extracts sensitive information from personal devices— are becoming a modern-day plague.

Co-founder of the cybersecurity consultancy Security Discovery, Volodymyr Diachenko, worked on the Cybernews discoveries. He told CNBC that infostealers have become so pervasive that, "Someone, somewhere, is having data exfiltrated from their machines as we speak."

Not all of the data included in the logins was fully original, Diachenko says. Large portions of it were likely outdated or duplicates, but it still provides much-needed perspective on just how much of our supposedly private information is circulating on the web.

Trending: New to crypto? Get up to $400 in rewards for successfully completing short educational courses and making your first qualifying trade on Coinbase.

Palo Alto Networks' PANW president of Asia-Pacific and Japan, Simon Green, also told CNBC the Cybernews findings are alarming but not totally unexpected. "Many modern infostealers are designed with advanced evasion techniques, allowing them to bypass traditional, signature-based security controls, making them harder to detect and stop," he said.

According to these experts, there has been a significant uptick in major infostealer attacks thanks to underground markets that provide this malware. Often located on the dark web, these markets supply malicious tools for a fee, and have created demand for cybercriminals to steal the data and then sell it on to scammers. 

See Also: A must-have for all crypto enthusiasts: Sign up for the Gemini Credit Card today and earn rewards on Bitcoin Ether, or 60+ other tokens, with every purchase.

"Cybercrime-as-a-Service is the critical enabler here. It has fundamentally democratized cybercrime," Green told CNBC. These data breaches now represent a "vast, interconnected web of compromised identities" that can fuel subsequent attacks, he continued.

Vice president of threat research & intelligence at cybersecurity company Artic Wolf, Ismael Valenzuela, told CNBC that with the increase of malware and internet use, it's safe to assume that most people will come into contact with an infostealer at some point. Frequent password updates and multifactor authentication have become more important than ever, Valenzuela says.

Read Next: Named a TIME Best Invention and Backed by 5,000+ Users, Kara's Air-to-Water Pod Cuts Plastic and Costs — And You Can Invest At Just $6.37/Share 

Image: Shutterstock