More than one million online banking accounts linked to the world’s 100 largest banks were compromised in 2025 through infostealer malware, with stolen credentials widely circulated on dark web platforms, according to a new report by Kaspersky Digital Footprint Intelligence.
World Memon Day Event Highlights Women’s Role in Community Development
The cybersecurity firm said attackers increasingly rely on credential theft, data reuse, and mobile-based attacks, marking a shift away from traditional PC banking malware. It added that mobile financial malware grew 1.5 times in 2025 compared to the previous year.
The report found that 74% of compromised payment cards exposed on the dark web remained active as of March 2026, raising concerns that stolen financial data continues to be usable long after initial breaches.
Kaspersky noted that countries with the highest median number of compromised accounts per bank included India, Spain, and Brazil, while regional patterns showed varying cybercrime tactics across the globe.
Phishing activity also remained widespread, with fake e-commerce platforms accounting for 48.5% of financial phishing attacks in 2025. Bank-themed phishing sites represented 26.1%, while payment system scams made up 25.5%.
The report highlighted that infostealer malware plays a key role in harvesting sensitive data such as login credentials, cookies, banking card details, crypto wallet information, and browser autofill data, enabling account takeovers and financial fraud.
Experts warned that the dark web has evolved into a major hub for cybercrime, where stolen data is repackaged and sold, creating a self-sustaining criminal ecosystem that lowers the barrier for attackers.
Kaspersky urged users to avoid suspicious links, enable multi-factor authentication, use strong unique passwords, and install trusted security solutions. Businesses were also advised to strengthen infrastructure security, monitor vulnerabilities, and track dark web threats through advanced cybersecurity tools.
