Surge in RedLine infections in 2023 according to Kaspersky Lab

Over the past year, RedLine malware has shown worrying growth in its spread, impacting more than 10 million systems globally. According to a report by Kaspersky Lab, in 2023, infostealers, or malicious software that steals information, caused a 35% increase in infections compared to 2022, with RedLine responsible for 55% of these attacks. This malware, active since 2020, affected more than half of the devices examined by researchers.

Attack mode and type of data stolen by RedLine

RedLine specializes in the theft of sensitive data such as login credentials, passwords, browser cookies, credit card details and cryptocurrency wallets. Apart from this, the malware has the ability to download and execute third party software, thus expanding its malicious potential. RedLine spread occurs mainly through spam emails and software downloaded from untrustworthy sources, making it particularly insidious.

Comparison with other malware and growth trends of infostealers

From 2020 to 2023, RedLine was the top player among infostealers, accounting for 51% of infections analyzed, followed by Vidar and Raccoon, at 17% and 12%, respectively. Over the period considered, over 100 different types of infostealers were identified. From 2021 to 2023, there was significant growth in new malware families in this segment, rising from 4% to 28% of documented cases.

The sale of data on the darknet and the strategies of hackers

Data stolen through these attacks is typically traded on the darknet, but it is not uncommon for it to also be disclosed for free as a ploy to boost the attackers' reputation within cybercriminal communities. The phenomenon highlights a growing economic and strategic interest in personal and corporate data, with significant implications for cybersecurity globally.