Infostealers Fuel 2.1B Credentials and 23M Host Infections

Cybercriminal activity is reaching unprecedented levels, with 2024 witnessing a dramatic surge in malware-fueled attacks that have left organizations scrambling to safeguard their data.

A recent report from Flashpoint paints a stark picture of a threat landscape defined by infostealers, credential theft, and escalating vulnerabilities, urging organizations to strengthen their defenses against these relentless adversaries.

Infostealers: A rising cyberthreat

Infostealers have emerged as a preferred tool for cybercriminals due to their low cost and ease of deployment. Last year, they infected 23 million hosts, with one strain — Redline — responsible for 43% of these infections by compromising nearly 9.9 million devices.

This surge enabled the theft of 2.1 billion credentials, accounting for roughly 75% of the total 3.2 billion credentials stolen in 2024. The Flashpoint 2025 Global Threat Intelligence Report further highlights that these simple yet effective tools have become primary vectors for account takeovers and subsequent ransomware deployments, emphasizing that the threat is widespread and rapidly evolving.

Credential theft and malware tactics

The report underscores a staggering 33% year-over-year increase in compromised credentials, illustrating how cybercriminals are refining their tactics. With more than 200 million credentials already stolen in the first two months of 2025, attackers are leveraging the harvested data to infiltrate corporate networks, bypass security controls, and expand their reach. 

The ease of access to these tools on underground marketplaces — averaging around $200 per month — allows even low-skilled threat actors to launch large-scale campaigns with devastating results.

Exploiting vulnerabilities and ransomware trends

In addition to infostealers, the threat landscape has been compounded by a significant rise in exploitable vulnerabilities. Flashpoint’s report notes that over 37,000 vulnerabilities were identified in 2024, with more than 39% accompanied by public exploit code.

This environment of weakened defenses is fueling a 10% increase in ransomware attacks and a 6% rise in data breaches across all sectors. Such trends signal that attackers are diversifying their techniques and targeting the most vulnerable points in an organization’s digital infrastructure.

What this means for organizations

For organizations, these alarming trends are a call to action. The convergence of infostealer-driven credential theft, widespread vulnerability exploitation, and increased ransomware incidents demands a proactive and comprehensive security strategy.

Companies must invest in advanced threat intelligence, continuous vulnerability assessment, and robust incident response frameworks to protect critical assets. By staying informed and vigilant, organizations can mitigate risks and ensure resilience in an era defined by sophisticated cyberthreats.

Explore some top vulnerability management tools to discover security flaws in your network and cloud environments so you can make fixes before hackers can exploit them.