Kaspersky took advantage of the Mobile World Congress 2025 to lift the veil on its latest report dedicated to infostealers, malware designed to suck up Internet users' personal data. According to Russian researchers, 2.3 million bank card details have been exposed on the dark web because of infostealers over the past two years.
More than 40,000 French bank cards affected
Experts specify that 95% of stolen numbers are still usable. In short, cybercriminals can still use the numbers to make purchases online. The data is not obsolete.
Be careful, it turns out that some of the compromised bank cards belong to French people. France represents 2% of the cards disclosed on the dark web, or more than 40,000 cards.
Compromised data gradually discovered
Armed with formidable malware, cybercriminals first compromised millions of devices over the last two years. As Kaspersky explains, "An infostealer can infect a device if a victim unknowingly downloads and executes a malicious file, for example by downloading a program disguised as legitimate software." Last year, nearly 10 million devices were compromised by viruses. Researchers estimate that the actual number of compromised devices is closer to 20 to 25 million.
It was through these compromised devices that hackers were able to collect millions of card numbers. On average, one in 14 virus infections led to the theft of bank card data over the period.
In the process, Kaspersky said it had recorded an explosion in the number of attacks for theft of banking data on smartphones last year. In a separate report, the Russian firm claims that the number of banking Trojan attacks on Android has increased from 420,000 in 2023 to 1,242,000 in 2024. All too often, viruses of this type manage to penetrate the Play Store. These types of attacks also result in the theft of bank card numbers.
A trio of dangerous malware
Kaspersky researchers have identified three viruses at the heart of most attacks that have resulted in the hacking of bank cards: Redline, Risepro and Stealc. The report indicates that Redline remains the most widespread virus in the world, accounting for 34% of the total number of infections.
On the other hand, it is Risepro that has seen the most significant growth over the past year, accounting for more than 20% of the attacks recorded. Active for two years, “the virus mainly targets bank card information, passwords and cryptocurrency wallet data”, Sergey Shcherbel explains. It hides mainly in key generators, cracks and mods for video games. That is why we recommend that you exercise caution when downloading this type of content from the web. Its code may be infested with viruses.
What to do if your bank card has been hacked?
If a virus has managed to steal your bank card details, block it, request a new card, and change your bank app password. Also, take the time to enable two-factor authentication, which will block most hackers from trying to log into your account.
Finally, treat with caution and suspicion any communications that claim to come from your bank. Scammers could use the stolen data to target you with phishing attacks, by email, text message, or phone. As cybersecurity expert Jérémie Schram explains, of WatchGuard Technologies, “Phishing remains a fantastic tool that allows hackers to reach virtually anyone, anywhere.”
0 Comments