Google Cloud Security report finds a concerning surge in the sophistication and effectiveness of infostealer malware.
There is an anticipated increase in the use of infostealer malware in the next year.
According to the Google Cloud Security Forecast for 2025, which the company stated was not a series of predictions, infostealer malware is not a novel threat, but it has demonstrated a concerning surge in sophistication and effectiveness.
In 2024, threat actors stole credentials via widespread infostealer campaigns in order to infiltrate a significant number of prominent organisations, resulting in various high-impact intrusions.
“The alarming accessibility of credentials from these tools, even to low-skilled threat actors, amplifies their potential for widespread impact,” the company said, anticipating that the use of stolen credentials will persist into 2025, with infostealers continuing to serve as a primary vector to obtain them, particularly in environments where two-factor authentication remains unenforced.
Infostealer malware has also increased in sophistication in recent years, with advancements in anti-evasion techniques and capabilities to bypass endpoint detection and response (EDR), rendering it an even more formidable challenge in the cyber threat landscape.
Written by
Dan Raywood
Senior Editor
SC Media UK