Guest Post: Cheap hacks, big consequences: The $100 infostealer threat that can devastate companies
Insights from the dark web reveal that the price cybercriminals need to pay to cause a devastating company data breach could be as low as $100
A cyberattack can cost companies millions as well as customers’ trust, which may have taken years to build. However, according to Vakaris Noreika, a cybersecurity expert at NordStellar, bad actors can buy leaked data that can cause a devastating, million-dollar security breach for as low as $100.
In 2024, the average data breach cost was $4.88M, an increase of 10% since 2023. As the financial ramifications of confidential information leaks have reached record highs since the height of the pandemic, Noreika says that businesses should be especially vigilant about the looming infostealer threat.
Infostealers are malware designed to infiltrate systems and devices and steal personal data. They can collect various information, including credentials, cookies, credit card details, and even miscellaneous files on a compromised device, like photos or documents.
“Infostealers have been a significant cybersecurity concern for years due to the impact of their attacks. They’re quick, easy to spread, and highly efficient, and anyone can become a target,” says Noreika. “Usually, their attacks are random, but in some instances, cybercriminals can also use infostealers for targeted strikes.”
The low cost of infostealers for cybercriminals
Noreika explains that infostealers are spread through phishing emails, malicious advertisements, and other scams that involve a victim accidentally downloading malware. Once the infostealer has access, it collects all available data and compiles it into a stealer log, which houses emails, passwords, credit card details, and other valuable information. These stealer logs are sold on the dark and deep web as well as Telegram channels.
“Dark web users can purchase stealer logs by subscribing to a private channel. The average price for a weekly subscription is around $81, and the monthly subscription is about $200,” explains Noreika. “Typically, cybercriminals can buy 16 gigabytes of personal information for just $1.”
How hackers use infostealers to target companies
According to Noreika, the stealer logs contain the personal information of all individuals compromised by infostealer attacks, indicating that the victims are a broad mix of users rather than specific individuals. Bad actors buy these stealer logs to commit identity theft, empty bank accounts, or use the obtained personal information to carry out more personalized scams against the victims for financial gain. However, finding credentials linked to a business is the ultimate hacker jackpot.
“If an employee’s credentials happen to end up in a stealer log, hackers can easily identify the company by checking the email domain and use those credentials to infiltrate an enterprise’s network,” says Noreika. “Once the cybercriminals are inside the network, they can steal more valuable data, like personal client information, company secrets, and other confidential documents, or shut down their operations and ask for hefty payouts to get them running again.”
Alternatively, hackers can purchase infostealers as a service. Instead of buying confidential information that was previously stolen by other infostealers, cybercriminals purchase notorious malware like RedLine or LummaC2 to use as they see fit.
“The subscription fees for infostealers as a service vary — they can be as low as a couple of hundred dollars or cost over $1,000. The end price depends on the functionality, efficiency, and complexity of the infostealer,” says Noreika. “By purchasing infostealers as a service, cybercriminals gain full control over how and where the malware is deployed, enabling them to conduct highly targeted attacks. This poses a serious risk to businesses, which are much more attractive targets than individuals as successful attacks can lead to significantly higher financial gains.”
To safeguard against infostealers, Noreika suggests businesses focus on their first line of defense — their employees — and build a comprehensive cybersecurity strategy that can prevail if they make a mistake.
“It’s necessary to ensure that employees are aware of how infostealers are distributed and refrain from interacting with suspicious emails, visiting malicious websites, or downloading unauthorized files that can contain malware,” says Noreika. “However, some user error is inevitable. If an employee slips up, a strong cybersecurity foundation, consisting of an antivirus solution, multi-factor authentication, strict network segmentation policies, and active dark web monitoring for company or employee data leaks, will ensure the business stays protected.”
ABOUT NORDSTELLAR
NordStellar is a next-generation threat exposure management platform that enables companies to detect and respond to cyber threats before they escalate. NordStellar offers visibility into how threat actors work and what they do with compromised data. NordStellar was created by Nord Security, a globally recognized company behind one of the world’s most popular digital privacy tools, NordVPN. For more information, visit nordstellar.com.
This entry was posted on May 14, 2025 at 9:40 am and is filed under Commentary with tags NordStellar.