2024 gave some good news and bad news in the field of cybercrime. Malware-based ransomware attacks fell for the third consecutive year. But examples of infostealer malware increased dramatically. Those conclusions come from IBM X-Fores “from”2025 Danger Intelligence Index“Released on Thursday.
First, look at the good news. For the year, ransomware was responsible for only 28% malware events, the third annual decline in a line. This means a decrease in malware distributed before the ransomware attacks. At the same time, attacks by several high-length malware distributors declined, including imolen, tricbott, iced, kakbot, goji and picbot.
Also also: Why multi-factor authentication is absolutely necessary in 2025
Of course, ransomware pose a significant danger. Based on dark web activity and analysis of other factors, IBM X-Fores saw a 25% increase in actual attacks last year. In 2024, the most active ransomware families were Akira, Lockbit, Black Basta, Ransmahab and Hunters Internationals.
However, the ongoing decline in ransomware malware is still a positive tendency, a one that X-fors have attributed to many different factors.
First of all, the appearance in multiple high-volume malware distributors is low or is completely closed. Second, joint efforts of many law enforcement agencies worldwide have given birth to Tekdown of Botnets that play a role in ransomware attacks. Third, more businesses refused to pay ransom, inspiring more attackers to find other ways to live.
Now, on bad news. Cyber criminal rainsmas are more suitable for stealing your sensitive data than catching it. This led to a weekly increase of 84% in over 2023 infostellers last year and a large increase of 180% so far in early 2025. To click on a link to the recipient or to open a file attachment, Fishing Email Launch Infoselor Malware that captures sensitive information – mostly, account credentials.
Also: Using a VPN will help protect you from malware or ransomware?
Nearly one of the three infoseller attacks analyzed by the X-Force in 2024 resulted in the theft of credentials. Stolen credibility is attractive to cyber criminals as they can easily buy and sell them on dark web marketplaces. That type of exposure leaves individuals insecure for identity theft and risks employers to more destructive types of attacks and compromises.
In 2024, the top five infostealers alone appeared in more than 8 million advertisements on the dark web. Each of those advertisements had hundreds of theft credibility, a total of 1.6 billion.
Infostealers can also serve as spyware, hiding on an infected PC or device to snoop your activity and information. Once installed, they can run in the background to snap screenshots, capture their keystrokes, and recover their passwords. A popular method of attack with infostealers, many criminal groups use one Malware-e-Saravis (Mass) model.
Also: This strange captcha can be a malware mesh – here is how to protect yourself
As the attackers have increased in sophistication, malware payloads are more cleverly disguised, making them difficult to find out for safety equipment. Using advanced infostealers, a cyber criminal can quickly close with account credentials and other sensitive data without maintaining a backdoor or running appearance.
Mark Hughes, Global Managing Partner of Cybercity Services at IBM, said, “Cyber criminals are most often breaking without breaking – capitalization at identified identity intervals from complex hybrid cloud environments that provide several access points to the attackers.”
“Businesses need to focus on a ad hoc prevention mindset and focus on active measures such as modernization certification management, plugging multi-factor authentication holes, and organizing real-time dangers to highlight hidden threats before exposing sensitive data.”
Also: How a researcher without any malware-coding skills cheated AI in creating chrome infostealers
To protect your business from infosteals and other types of malware, IBM X-Force offers the following recommendations:
1. Monitor dark webSee information about your own company, employees, networks and data what the attackers know about you.
2. Train your employeesEducate your employees about fishing attacks, poor password habits and other risks. Make sure they know how to protect themselves and your business.
3. Install an event response planMake sure all the essential people of your company know how to react to cyber attacks or compromises. Keep your event update updated to address the latest hazards targeting your industry or business.
4. Protect your sensitive dataProtect vital data, whether on-dimes, in cloud, or in hybrid environment. To do this, use encryption and access control, and make sure you monitor all data transfer.
5. Organize your identification management devicesIdentification management equipment can control access to significant data but try to reduce the number of uneven and even fruitless products. Ideally, you want them to “streamlined in a”Identity clothes” Approach.
Also: Why are your secret weapons against AI-AI-driven security equipment against tomorrow’s attacks
6. Turn to AICyber criminals use AI to craft successful attacks, so use the same technique to protect your business. With the right AI, you can often detect more rapid hazards and respond.
7. Use multi-factor authentication (MFA)Set MFA for all employees and partners that need to access your system and data. It will provide another level security if any account credentials and passwords are compromised.
Be ahead of security news with Tech todayReacted every morning to his inbox.
