{"id":35712,"date":"2026-04-14T12:42:43","date_gmt":"2026-04-14T04:42:43","guid":{"rendered":"https:\/\/www.techbeatph.com\/wproot\/?p=35712"},"modified":"2026-04-14T12:43:11","modified_gmt":"2026-04-14T04:43:11","slug":"kaspersky-compromised-credential-theft","status":"publish","type":"post","link":"https:\/\/www.techbeatph.com\/wproot\/kaspersky-compromised-credential-theft\/","title":{"rendered":"Kaspersky: Over 1 million bank accounts compromised as cyber threats shift to credential theft"},"content":{"rendered":"<p data-start=\"260\" data-end=\"625\"><a href=\"https:\/\/www.kaspersky.com\"><span class=\"hover:entity-accent entity-underline inline cursor-pointer align-baseline\"><span class=\"whitespace-normal\">Kaspersky<\/span><\/span><\/a> reports that more than one million online banking accounts were compromised in 2025, as financial cyber threats increasingly shift from traditional malware to credential theft and data reuse.<\/p>\n<p data-start=\"260\" data-end=\"625\">The findings reflect a broader change in how attackers target users, relying more on infostealers, phishing, and dark web marketplaces.<\/p>\n<p data-start=\"627\" data-end=\"764\">The trend signals a growing risk for both individuals and organizations, especially as digital banking and mobile usage continue to rise.<\/p>\n<h4 data-section-id=\"1jveojp\" data-start=\"771\" data-end=\"828\">Credential theft replaces traditional banking malware<\/h4>\n<p data-start=\"830\" data-end=\"1002\">According to <a href=\"https:\/\/www.techbeatph.com\/wproot\/kaspersky-next-soc-ai-update\/\"><span class=\"hover:entity-accent entity-underline inline cursor-pointer align-baseline\"><span class=\"whitespace-normal\">Kaspersky<\/span><\/span><\/a>, attackers are moving away from conventional PC-based banking malware and focusing instead on stealing login credentials.<\/p>\n<p data-start=\"1004\" data-end=\"1029\">Infostealers now collect banking usernames and passwords, browser-stored autofill data, payment card details, and crypto wallet credentials.<\/p>\n<p data-start=\"1155\" data-end=\"1313\">These stolen datasets are then reused or sold on the dark web, enabling account takeovers and fraudulent transactions without needing direct system infection.<\/p>\n<p data-start=\"1315\" data-end=\"1420\">In 2025 alone, over one million accounts from the world\u2019s largest banks were exposed through this method.<\/p>\n<h4 data-section-id=\"19wgjfd\" data-start=\"1427\" data-end=\"1480\">Financial phishing evolves with regional patterns<\/h4>\n<p data-start=\"1482\" data-end=\"1561\">Phishing remains a major entry point for attacks, but its targets are shifting.<\/p>\n<p>E-commerce platforms accounted for 48.5% of phishing pages worldwide in 2025. Banks made up 26.1% while payment systems represented 25.5%.<\/p>\n<p data-start=\"1707\" data-end=\"1823\">The shift toward online shopping platforms suggests attackers are targeting services that are easier to impersonate.<\/p>\n<p data-start=\"1825\" data-end=\"1846\">Regional trends vary:<\/p>\n<ul data-start=\"1847\" data-end=\"2040\">\n<li data-section-id=\"d6noa0\" data-start=\"1847\" data-end=\"1895\">Middle East: heavy focus on e-commerce scams<\/li>\n<li data-section-id=\"33tzia\" data-start=\"1896\" data-end=\"1939\">Africa: bank-focused phishing dominates<\/li>\n<li data-section-id=\"1d0ax4\" data-start=\"1940\" data-end=\"1989\">LATAM: balanced mix of e-commerce and banking<\/li>\n<li data-section-id=\"1qfubxb\" data-start=\"1990\" data-end=\"2040\">APAC and Europe: diversified attack strategies<\/li>\n<\/ul>\n<p data-start=\"2042\" data-end=\"2137\">This localization shows how cybercriminals adapt tactics based on user behavior in each region.<\/p>\n<h4 data-section-id=\"1snilze\" data-start=\"2144\" data-end=\"2190\">Mobile financial malware continues to rise<\/h4>\n<p data-start=\"2192\" data-end=\"2267\">While PC-based banking malware is declining, mobile threats are increasing.<\/p>\n<p data-start=\"2269\" data-end=\"2290\"><a href=\"https:\/\/www.techbeatph.com\/wproot\/kaspersky-next-ai-soc-console-edr-xdr\/\">Kaspersky<\/a> data shows that mobile banking malware attacks grew by 1.5x in 2025. This happens as more users are managing finances via smartphones.<\/p>\n<p data-start=\"2401\" data-end=\"2530\">This shift makes mobile devices a primary target, especially in markets like Southeast Asia where mobile-first banking is common.<\/p>\n<h4 data-section-id=\"l4zjgm\" data-start=\"2537\" data-end=\"2583\">Dark web fuels large-scale financial fraud<\/h4>\n<p data-start=\"2585\" data-end=\"2662\">The report highlights the dark web as a central hub for financial cybercrime.<\/p>\n<p data-start=\"2664\" data-end=\"2679\">Stolen data is:<\/p>\n<ul data-start=\"2680\" data-end=\"2804\">\n<li data-section-id=\"ho76cv\" data-start=\"2680\" data-end=\"2709\">Aggregated and repackaged<\/li>\n<li data-section-id=\"pnf8mf\" data-start=\"2710\" data-end=\"2751\">Sold as ready-to-use credential lists<\/li>\n<li data-section-id=\"11fglpz\" data-start=\"2752\" data-end=\"2804\">Combined with phishing kits for scalable attacks<\/li>\n<\/ul>\n<p data-start=\"2806\" data-end=\"2971\">Notably, 74% of compromised payment cards identified in 2025 remained valid as of March 2026\u2014meaning attackers can exploit stolen data long after the initial breach.<\/p>\n<p data-start=\"2973\" data-end=\"3073\">Countries with the highest number of compromised accounts per bank include India, Spain, and Brazil.<\/p>\n<h4 data-section-id=\"esp2s2\" data-start=\"3080\" data-end=\"3116\">What users and businesses can do<\/h4>\n<p data-start=\"3118\" data-end=\"3211\">To counter rising credential-based threats, <a href=\"https:\/\/www.techbeatph.com\/wproot\/kaspersky-honeymyte-apt-coolclient\/\"><span class=\"hover:entity-accent entity-underline inline cursor-pointer align-baseline\"><span class=\"whitespace-normal\">Kaspersky<\/span><\/span><\/a> presented recommendations. Individuals should enable multi-factor authentication (MFA) and use strong, unique passwords with a password manager. People should also avoid clicking suspicious links and verify websites before entering sensitive information.<\/p>\n<p data-start=\"3431\" data-end=\"3450\">As for businesses, they must conduct regular security assessments and deploy integrated threat detection platforms (EDR\/XDR). They should also monitor dark web activity for leaked credentials and strengthen incident response capabilities.<\/p>\n<h4 data-section-id=\"1fvhpot\" data-start=\"3656\" data-end=\"3706\">A shift toward scalable, low-effort cybercrime<\/h4>\n<p data-start=\"3708\" data-end=\"3936\">The rise of infostealers and credential marketplaces marks a turning point in financial cyber threats. Instead of building complex malware, attackers now rely on readily available tools and stolen data to scale operations.<\/p>\n<p data-start=\"3938\" data-end=\"4098\" data-is-last-node=\"\" data-is-only-node=\"\">As digital services expand, the challenge for both users and organizations will be staying ahead of increasingly automated and accessible cybercrime ecosystems.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Kaspersky reports that more than one million online banking accounts were compromised in 2025, as financial cyber threats increasingly shift from traditional malware to credential theft and data reuse. The findings reflect a broader change in how attackers target users, relying more on infostealers, phishing, and dark web marketplaces. The trend signals a growing risk&#8230;<\/p>\n","protected":false},"author":119,"featured_media":35713,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"footnotes":""},"categories":[23199,23634],"tags":[25858,23206,5770,25859,1921,25856,23200,25860,25857,1696],"class_list":["post-35712","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","category-technology","tag-banking-security","tag-credential-theft","tag-cybersecurity","tag-data-breach","tag-digital-security","tag-infostealers","tag-kaspersky","tag-mobile-malware","tag-phishing-attacks","tag-tech-news"],"_links":{"self":[{"href":"https:\/\/www.techbeatph.com\/wproot\/wp-json\/wp\/v2\/posts\/35712","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.techbeatph.com\/wproot\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.techbeatph.com\/wproot\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.techbeatph.com\/wproot\/wp-json\/wp\/v2\/users\/119"}],"replies":[{"embeddable":true,"href":"https:\/\/www.techbeatph.com\/wproot\/wp-json\/wp\/v2\/comments?post=35712"}],"version-history":[{"count":1,"href":"https:\/\/www.techbeatph.com\/wproot\/wp-json\/wp\/v2\/posts\/35712\/revisions"}],"predecessor-version":[{"id":35714,"href":"https:\/\/www.techbeatph.com\/wproot\/wp-json\/wp\/v2\/posts\/35712\/revisions\/35714"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.techbeatph.com\/wproot\/wp-json\/wp\/v2\/media\/35713"}],"wp:attachment":[{"href":"https:\/\/www.techbeatph.com\/wproot\/wp-json\/wp\/v2\/media?parent=35712"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.techbeatph.com\/wproot\/wp-json\/wp\/v2\/categories?post=35712"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.techbeatph.com\/wproot\/wp-json\/wp\/v2\/tags?post=35712"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}