Cybersecurity firm Kaspersky has revealed that over one million online banking accounts from the world's 100 largest banks were compromised in 2025. The primary method used by cybercriminals was infostealer malware, designed to steal financial credentials. These stolen usernames and passwords were then freely shared on the dark web.
India, Spain, and Brazil saw the highest median number of compromised accounts per bank. Attackers are increasingly shifting from traditional banking malware to credential theft techniques, including infostealer infections and the sale of stolen data on underground marketplaces. Mobile banking threats also rose significantly, with malware attacks increasing approximately 1.5 times. Detections of infostealer malware on personal computers globally increased by 59% from 2024 to 2025, fueling the surge in compromised credentials.