The “2025 Cyber Threat Report” by Huntress confirms that infostealers such as Vidar and Raccoon were responsible for 24% of all cyber incidents in 2024, underscoring their central role in modern cyber threats. This epidemic affects sectors including healthcare, education, government, technology, and the military, where infostealers have caused significant breaches.
Affected: healthcare, education, government, technology, military, corporations
Key points:
- Infostealers account for 24% of cyber incidents in 2024, according to Huntress’s report.
- Malware families such as Vidar, Lumma, RedLine, and Raccoon are identified as key infostealers.
- Healthcare, education, government, technology, and military sectors are particularly vulnerable.
- Infostealers collect credentials and sensitive data, often leading to further attacks by ransomware groups.
- Huntress’s real-time monitoring of endpoints across industries informs proactive cybersecurity strategies.
- The time from initial infostealer compromise to data theft is shrinking, with ransomware deployed as quickly as six hours after infection.
- Huntress and Infostealers.com advocate for layered defenses and constant vigilance in cybersecurity.
MITRE Techniques:
- Credential Dumping (T1003): Infostealers harvest credentials from compromised devices.
- Exploitation for Client Execution (T1203): Malicious scripts written in PowerShell and VBScript are used to execute the attack.
- Initial Access (T1078): Infostealers serve as gateways for follow-on attacks by handing attackers access to the victim environment.
- Data Encrypted for Impact (T1486): Ransomware deployed shortly after credential theft can lead to data encryption and extortion.
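As an added illustration, not code from the Huntress report or this summary, the following Python correlates EDR-style events already tagged with the technique IDs listed above and flags a host where script execution (T1203) is followed by credential access (T1003) and, where present, encryption activity (T1486) inside the report's six-hour window, so the infostealer stage is surfaced before the ransomware stage lands. The event schema, host names and sample lines are constructed assumptions, not a real product's format.

```python
from datetime import datetime

# Constructed sample of EDR-style events: "<timestamp> <host> <technique> <detail>".
# The schema and values are assumptions for this example, not a real product's output.
SAMPLE_EVENTS = [
    "2024-09-03T08:02:11Z host-a T1203 wscript.exe invoice.vbs",
    "2024-09-03T08:03:40Z host-a T1003 browser credential store read",
    "2024-09-03T13:55:02Z host-a T1486 bulk file rename to .locked",
    "2024-09-03T09:10:00Z host-b T1203 powershell.exe -enc <blob>",
    "2024-09-04T11:00:00Z host-b T1003 credential store read",   # next day: slow chain
    "2024-09-03T10:00:00Z host-c T1003 credential store read",   # no script stage seen
    "2024-09-03T12:00:00Z host-d T1203 powershell.exe -File loader.ps1",
    "2024-09-03T12:04:30Z host-d T1003 credential store read",   # stealer, no ransomware yet
]

# Stages of the chain described in the summary, in the order they must appear.
CHAIN = ["T1203", "T1003", "T1486"]


def parse(line):
    """Split one constructed event line into (timestamp, host, technique)."""
    ts, host, tech, *_ = line.split()
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), host, tech


def correlate(lines, window_hours=6):
    """Return {host: verdict} for hosts whose events complete at least the first two
    chain stages within window_hours of the earliest script execution.

    'infostealer' means T1203 -> T1003 only (act now, before encryption);
    'ransomware_followon' means all three stages were seen. Six hours is the fastest
    infection-to-ransomware interval the report cites, so treat it as a lower bound.
    """
    by_host = {}
    for line in lines:
        ts, host, tech = parse(line)
        by_host.setdefault(host, []).append((ts, tech))

    alerts = {}
    for host, events in by_host.items():
        events.sort()
        starts = [ts for ts, tech in events if tech == CHAIN[0]]
        if not starts:
            continue  # credential access alone is not this chain
        start = starts[0]
        stage = 1  # stage 0 (script execution) is satisfied by `start`
        for ts, tech in events:
            if ts < start or (ts - start).total_seconds() > window_hours * 3600:
                continue
            if stage < len(CHAIN) and tech == CHAIN[stage]:
                stage += 1  # stages must occur in order
        if stage >= 2:
            alerts[host] = "ransomware_followon" if stage == 3 else "infostealer"
    return alerts
```

Widening `window_hours` trades more noise for catching slower chains like host-b; the two-stage verdict is the one that leaves time to contain the host before T1486 occurs.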
Indicators of Compromise:
- No IoC Found