Research shows rapid growth of infostealer attacks in the Netherlands

Cybersecurity firm ESET detected over 33,000 infostealer attacks in 2024 in the Netherlands, which is an increase of 17% compared to the year before.

Infostealers are malicious programs that secretly steal sensitive information from a victim’s device, such as login credentials, session cookies, and payment information.

An infostealer operates undetected on an infected system and sends stolen data directly to attackers. This information is then used for financial fraud or sold on the dark web, forums, or Telegram channels.

ESET is seeing a sharp increase in the use of infostealers. Last year, the cybersecurity firm detected over 33,000 infostealer attacks in the Netherlands.

According to ESET, infostealers have become increasingly popular because many variants are easily available as malware-as-a-service. This means that low-skilled hackers with little technical knowledge can launch an attack on unsuspecting victims.

In addition to familiar names such as JS/Spy.Banker (Magecart), Formbook, and Agent Tesla, ESET also sees emerging threats like Lumma Stealer, which has been detected over 300 times in the Netherlands. This specific infostealer is distributed, among other things, via fraudulent CAPTCHAs on malicious websites.

“The impact of infostealers is enormous. With the stolen data, cybercriminals can take over digital identities, steal savings or prepare ransomware attacks,” says Harm Teunis, Security Evangelist & Technical Writer at ESET Netherlands.

In October 2024, ESET joined forces with national and international law enforcement agencies to take down the digital infrastructure of RedLine and Meta infostealers. Dutch police officers confiscated three servers during Operation Magnus.

ESET expects that other criminals will seize the opportunity and exploit this gap, further increasing the use of infostealers.

The cybersecurity firm recommends taking security measures against infostealers. Consumers and businesses should always make sure that they’ve installed the latest security updates for their operating system and other software.

In addition, they should only download apps via official channels, like the Play Store or App Store. Lastly, they should use strong and unique passwords, enable two-factor authentication (2FA) when available, and use a firewall and VPN to protect their network.