Summary: Infostealer activity has risen sharply: 29% of malware samples analyzed targeted credential stores, a three-fold increase over previous years. Stolen login credentials let attackers move laterally and gain elevated access to sensitive systems. Picus Security’s Red Report 2025 underscores the emergence of sophisticated tactics aimed at evading detection and making data theft more efficient.
Affected: Cybersecurity landscape and organizations relying on password management systems
Key points:
- Infostealers are increasingly targeting password managers and browser-stored credentials for lateral movement and privilege escalation.
- Stealth techniques like process injection and encrypted exfiltration channels are becoming common to evade detection.
- The average malware sample now conducts 14 malicious actions and employs 12 ATT&CK techniques, indicating growing sophistication in cyber attacks.
- There is strong emphasis on using password managers with multi-factor authentication to prevent credential theft.
Source: https://www.infosecurity-magazine.com/news/threefold-increase-malware/