A brief look at all things infostealers for the week 30, 2025 (21.07.2025–27.07.2025). I had some issues with accessing to the XSS forum due to well-known developments, therefore, no Infostealer updates. Grabbed some numbers from marketplaces and some interesting news/articles.
Infostealer Updates
¯\_(ツ)_/¯
Marketplace Updates
This section provides some numbers taken from the marketplaces, which include numbers of victims based on stealers, top 5 countries, the victim numbers in the countries of the Nordic region. In addition, see the CryptPad spreadsheet for all more broad numbers.
Marketplace Updates Spreadsheet
RussianMarket
Stealers by number of victims
| Stealer name | Number of victims |
|---|---|
| Lumma | 9,323,005 |
| Vidar | 1,442,120 |
| RisePro | 1,429,021 |
| StealC | 1,059,201 |
| RedLine | 789,264 |
| Acreed | 347,076 |
| Racoon | 329,117 |
| Rhadamanthys | 30,219 |
Top 5 countries by number of victims
| Country | Number of victims |
|---|---|
| India | 1,550,927 |
| Brazil | 1,144,305 |
| Indonesia | 795,101 |
| Egypt | 728,040 |
| Pakistan | 713,121 |
Nordic region countries
| Country | Number of victims |
|---|---|
| Sweden | 25,451 |
| Denmark | 13,490 |
| Norway | 10,664 |
| Finland | 9,053 |
| Iceland | 1,259 |
| Greenland | 184 |
| Faroe | 118 |
| Åland | 22 |
ExodusMarket
Stealers by number of victims
| Stealer name | Number of victims |
|---|---|
| Lumma | 473,392 |
| Rhadamanthys | 101,472 |
| RedLine | 35,354 |
| Unknown | 23,183 |
| StealC | 16,658 |
| Vidar | 7,242 |
Top 5 countries by number of victims
| Country | Number of victims |
|---|---|
| India | 70,605 |
| Brazil | 49,827 |
| Indonesia | 37,083 |
| USA | 28,865 |
| Philippines | 24,709 |
Nordic region countries
| Country | Number of victims |
|---|---|
| Sweden | 1,846 |
| Denmark | 1,020 |
| Norway | 794 |
| Finland | 592 |
| Iceland | 87 |
Articles/News
Back to Business: Lumma Stealer Returns with Stealthier Methods
- https://www.trendmicro.com/en_us/research/25/g/lumma-stealer-returns.html
New Advanced Stealer (SHUYAL) Targets Credentials Across 19 Popular Browsers
- https://hybrid-analysis.blogspot.com/2025/07/new-advanced-stealer-shuyal-targets.html
The Rise of Acreed Infostealer in the Post-LummaC2 Threat Landscape
- https://www.bitsight.com/blog/the-rise-of-acreed-infostealer
Startup takes personal data stolen by malware and sells it on to other companies
- https://www.malwarebytes.com/blog/news/2025/07/startup-takes-personal-data-stolen-by-malware-and-sells-it-on-to-other-companies
Hacker sneaks infostealer malware into early access Steam game
- https://www.bleepingcomputer.com/news/security/hacker-sneaks-infostealer-malware-into-early-access-steam-game/