3.9 billion passwords stolen: malware and AI responsible for data theft in Gmail and Outlook, report says

Warnings about information-stealing malware have proliferated, affecting both macOS users and those using email platforms such as Gmail and Outlook. Concerns about password security have reached alarming levels, especially following the recent report by KELA, a threat intelligence agency focused on the dark web, which reveals the true extent of this threat. With more than 4.3 million machines infected so far in 2024, the outlook is overwhelming and urgent action is needed.
KELA’s latest cybercrime report, published on February 20 and picked up by Forbes, highlights that data thieves are behind the theft of 3.9 billion passwords. The passwords are shared in lists that appear to come from records of data thefts. Three main malware strains, Lumma, StealC and Redline, have been responsible for 75% of infections. David Carmiel, CEO of KELA, emphasizes the existence of underground economies that facilitate malware as a service, creating an environment conducive to various criminal activities.
Malicious activity related to data-stealing malware is not limited to password theft; it also includes ransomware attacks and espionage campaigns. The efficiency and scalability of these data stealers allow attackers to compromise large volumes of accounts, both personal and corporate. This dynamic becomes a vicious cycle where stolen credentials are sold on underground markets to facilitate future attacks, thus exacerbating the problem.
Nearly 40% of the infected machines contained credentials for sensitive corporate systems, including email and content management platforms. The report also reveals that 65% of the compromised computers were personal, indicating that many users are not taking the necessary precautions to protect their data. This highlights the importance of implementing robust security measures, especially in corporate environments.
To combat this growing threat, KELA recommends implementing multi-factor authentication on all accounts and isolating critical systems to limit attackers’ lateral movement. Additionally, the use of advanced email filtering solutions is advised to prevent phishing attempts. The urgency of these measures should not be underestimated, as analysts predict an increase in data breaches in 2025.
AI and the vulnerability of passwords
Artificial intelligence (AI) has also emerged as a disruptive factor in password security. Ignas Valancius, head of engineering at password manager NordPass, warns Forbes that AI can crack passwords, even the most complex ones, in record time. As AI tools become more sophisticated, the risk of brute-force and dictionary attacks increases, meaning password security will be compromised if proper measures are not taken.
Valancius suggests that good password hygiene practices include creating long, random passwords, avoiding the use of personal information, and not reusing passwords across different accounts. He recommends creating passphrases as an easier-to-remember alternative, as well as considering the use of passkeys, which combine biometric verification with cryptographic keys for increased security.
Increase in ransomware activity
KELA’s report also reveals an increase in ransomware activity in 2024. The firm tracked more than 5,230 victims and nearly 100 threat actors last year, an annual increase of 10.5% and 28.5% respectively.
It is imperative that users and organizations remain vigilant and proactive in protecting their data. The combination of information-stealing malware and AI’s increasing ability to crack passwords creates a worrying scenario. Education and the implementation of effective security measures are crucial steps to mitigate these risks and safeguard personal and corporate information.
eleconomista