--- title: "'Cyber plague': Experts warn of growing infostealer threat after billions of login details exposed" description: "Experts warn of a growing threat from \"infostealers\" following the exposure of 16 billion login credentials across various platforms, including Apple, Google, and Facebook. Cybercriminals are increasi" type: "news" locale: "en" url: "https://longbridge.com/en/news/246178168.md" published_at: "2025-06-26T02:56:39.000Z" --- # 'Cyber plague': Experts warn of growing infostealer threat after billions of login details exposed > Experts warn of a growing threat from "infostealers" following the exposure of 16 billion login credentials across various platforms, including Apple, Google, and Facebook. Cybercriminals are increasingly using advanced malware to extract sensitive data, leading to a surge in high-profile attacks. The rise of underground markets offering cybercrime-as-a-Service has democratized access to these malicious tools, making it easier for criminals to execute sophisticated attacks. Individuals and corporations are urged to adopt stronger security measures, including frequent password updates and multi-factor authentication, to combat this escalating threat. "Someone, somewhere is having data exfiltrated from their machines as we speak," says Volodymyr Diachenko, co-founder of the cybersecurity consultancy SecurityDiscovery. Sarayut Thaneerat | Moment | Getty Images Cybercriminals have intensified their efforts to steal and sell online passwords, experts warn. The alarm comes after the discovery of online datasets containing billions of exposed account credentials. The 30 datasets comprised a whopping 16 billion login credentials across multiple platforms, including Apple, Google and Facebook, and were first reported by Cybernews researchers last week. The exposures were identified over the course of this year by Volodymyr Diachenko, co-founder of the cybersecurity consultancy Security Discovery, and are suspected to be the work of multiple parties. "This is a collection of various data sets that appeared on my radar since the beginning of the year, but they all share a common structure of URLs, login details and passwords," Diachenko told CNBC. According to Daichenko, all signs point to the leaked login information being the work of "infostealers" — malware that extracts sensitive data from devices, including usernames and passwords, credit card information and online browser data. While the lists of logins are likely to contain many duplicates as well as outdated and incorrect information, the overwhelming volume of findings puts into perspective how much sensitive data is circulating on the web. It should also raise alarms on how infostealers have become the "cyber plague" of today, Daichenko said. "Someone, somewhere, is having data exfiltrated from their machines as we speak." Daichenko was able to detect the exposed data because their owners had temporarily indexed them on the web without a password lock. Inadvertently shared data leaks are often caught by Security Discovery, but not at scales seen so far this year. According to Simon Green, president of Asia-Pacific and Japan at Palo Alto Networks, the sheer scale of the 16 billion exposed credentials is alarming and certainly notable, but not entirely surprising for those on the front lines of cybersecurity. "Many modern infostealers are designed with advanced evasion techniques, allowing them to bypass traditional, signature-based security controls, making them harder to detect and stop," he added. Consequently, there's been an uptick in high-profile infostealer attacks. For example, in March, Microsoft Threat Intelligence disclosed a malicious campaign using infostealers that had affected nearly 1 million devices globally. Infostealers typically gain access to victims' devices by tricking them into downloading the malware, which can be hidden in everything from phishing emails to phony websites to search engine ads. The motive behind infostealer attacks is usually financial, with attackers often looking to directly take over bank accounts, credit cards, and cryptocurrency wallets or commit identity fraud. Cybercriminals can use stolen credentials and other personal data for purposes such as crafting highly convincing, personalized phishing attacks and blackmailing individuals or organizations. According to Palo Alto's Green, the scale and dangers of those types of infostealers have intensified, thanks to the growing prevalence of underground markets that offer "cybercrime-as-a-Service," in which vendors charge customers for malicious tools, sensitive data and other illicit online services. "Cyber crime-as-a-Service is the critical enabler here. It has fundamentally democratized cybercrime," Green said. Those underground markets — often hosted on the dark web — create demand for cybercriminals to steal personal information and then sell that to scammers. In that way, data breaches become about more than just the individual accounts — they represent a "vast, interconnected web of compromised identities" that can fuel subsequent attacks, Green said. According to Diachenko, it's likely that at least some of the compromised login datasets he identified had or will be traded to online scammers. On top of that, malware kits and other resources that can help to facilitate infostealer attacks can be found on those markets. CNBC has reported on how the availability of those tools and services has significantly lowered technical barriers for aspiring criminals, allowing sophisticated attacks to be executed at a massive, global scale. The report found that infostealer attacks grew by 58% in 2024. With the increasing prevalence of malware and online usage, it's now fair to assume that most people will, at some point, come in contact with an infostealer threat, said Ismael Valenzuela, vice president of threat research and intelligence at cybersecurity company Arctic Wolf. In addition to frequent password updates, individuals will need to be more alert about the increasing amount of malware hiding in illegitimate software, applications and other downloadable files, Valenzuela said. He added that the use of multi-factor authentication on accounts has become more important than ever. From a corporate perspective, it's important to adopt a "zero trust architecture" that not only constantly authenticates the user, but also authenticates the device and user's behavior, he added. Governments have also been doing more to crack down on infostealing activities in recent months. In May, Europol's European Cybercrime Centre said it had collaborated with Microsoft and global authorities to disrupt the "Lumma" infostealer, which it called "the world's most significant infostealer threat." ### Related Stocks - [AAPL.US - Apple](https://longbridge.com/en/quote/AAPL.US.md) - [GOOGL.US - Alphabet](https://longbridge.com/en/quote/GOOGL.US.md) - [GOOG.US - Alphabet - C](https://longbridge.com/en/quote/GOOG.US.md) ## Related News & Research | Title | Description | URL | |-------|-------------|-----| | 股神巴菲特再現「神準」操作 亞馬遜急跌前大減倉 再沽蘋果美銀 買入一隻媒體股 | 股神巴菲特在卸任巴郡 CEO 後,繼續調整投資組合。根據 SEC 13F 文件,巴郡大幅減持亞馬遜 770 萬股,持倉減少 77%;同時出售約 5,080 萬股美國銀行和 1,030 萬股蘋果,連續第三季減持蘋果。巴郡首次增持傳統媒體股,購 | [Link](https://longbridge.com/en/news/276191227.md) | | Waymo 在紐約州撤銷有關機器人出租車擴展的條款後遭受打擊 | Waymo 在紐約州撤銷機器人出租車擴展條款後遭受打擊 | [Link](https://longbridge.com/en/news/276441421.md) | | “硬件防禦” 對沖 AI 焦慮,蘋果與納指相關性創 20 年新低 | AI 浪潮下,蘋果因未深度捲入軍備競賽,與納指相關性創 20 年新低,成為科技股動盪中的 “避風港”。在 AI 投資回報存疑及軟件業面臨顛覆的焦慮中,蘋果憑藉不易受衝擊的硬件生態逆勢突圍。儘管存在估值偏高及增長放緩壓力,其獨特的 “AI 中 | [Link](https://longbridge.com/en/news/276301841.md) | | 谷歌高層回應 AI 泡沫質疑:這是工業革命,但速度快 10 倍、規模大 10 倍 | 谷歌 CEO 在印度 AI 峯會上透露谷歌雲積壓訂單已翻倍至 2400 億美元,以此證明高額資本開支的合理性。DeepMind CEO 預測實現通用人工智能至少仍需 5-10 年。谷歌高層一致認為,AI 將從根本上改變中小企業和科學研究的工 | [Link](https://longbridge.com/en/news/276440500.md) | | 谷歌突然發佈 Gemini 3.1 Pro:核心推理性能直接翻倍 | 谷歌發佈了最新的大模型 Gemini 3.1 Pro,其推理性能較去年發佈的 Gemini 3 Pro 翻倍。在 ARC-AGI-2 評測中,Gemini 3.1 Pro 得分 77.1%,顯示出強大的推理能力。新模型支持多源數據綜合和複雜 | [Link](https://longbridge.com/en/news/276396515.md) | --- > **Disclaimer**: This article is for reference only and does not constitute any investment advice.