The infostealer malware threat has just grown dramatically.
getty
Update, May 1, 2025: This story, originally published April 29, has been updated with insights from security experts on safeguarding your passwords this World Password Day, addressing the serious issue of password reuse among Generation Z.
Understanding the Infostealer Malware Threat
If you believe your password is secure, it might be time to think again. Recent analysis suggests that many individuals, especially those who don’t prioritize password management, are at significant risk. A newfound wave of infostealer malware has emerged, with more than 1.7 billion stolen passwords circulating on dark web forums. This alarming statistic serves as a wake-up call for anyone who might be complacent about their online security.
The Rise of Compromised Passwords
Cybersecurity experts have long cautioned about the dangers posed by infostealer malware, which remains a dominant player in the world of cyber threats. Recent findings from the 2025 Global Threat Landscape Report by FortiGuard Labs reveal a staggering 500% increase in reports of infostealer malware over the past year. This surge indicates that hackers are becoming more adept at accessing systems through compromised login credentials—one of the easiest methods to gain entry.
More than 100 billion compromised credentials are listed on underground forums, representing a 42% increase from the previous year. This escalation has enabled cybercrime groups to create and distribute “combo lists,” facilitating credential-stuffing attacks that can lead to account takeovers, financial fraud, and even corporate espionage.
Changing the Approach to Password Management
Derek Manky, chief security strategist at FortiGuard Labs, emphasizes that traditional security measures are no longer sufficient. Organizations must adopt a proactive stance, utilizing artificial intelligence, zero trust frameworks, and continuous threat exposure management to keep pace with evolving threats. An essential part of this shift involves improved password management and security practices.
As we recognize World Password Day on May 1, it’s crucial to reflect on the steps we can take to bolster our defenses against password breaches.
World Password Day: Practical Advice for Individuals and Organizations
Security experts underline the significant risks associated with poor password management. Jon Fielding, managing director at Apricorn, points out that negligent practices can expose users to credential theft or exploitation. Despite the clear dangers, over a quarter of businesses (27%) still lack sufficient password policies that enforce robust password creation, a fundamental aspect of cybersecurity hygiene.
For organizations, effective password management extends beyond creating policies. Michela Resta, a data privacy and cybersecurity solicitor at CyXcel, insists that it’s vital for companies to have systems in place that enforce strong password requirements, preventing users from bypassing protocols or reusing old passwords. While no security measure can guarantee complete protection against intrusions, implementing robust policies and regularly testing incident response plans can significantly mitigate risks.
Generation Z: A Case Study in Password Practices
Interestingly, the trend of password reuse appears especially pronounced among Generation Z. Research by Bitwarden, conducted for World Password Day, indicates that 72% of Gen Z respondents admit to reusing passwords across different accounts. Despite being aware of the dangers—79% acknowledge the risks—many continue this risky behavior, even opting to reuse passwords when updating accounts after reported breaches.
The survey revealed that only 10% of Gen Z participants always change their passwords following a security compromise, while a staggering 38% merely modify a single character of their existing password when prompted. Alarmingly, the average Gen Z user maintains fewer than 25 unique passwords, and many rely on insecure methods for sharing credentials, such as text messages or screenshots.
Furthermore, 62% of Generation Z report experiencing some level of stress regarding password management, yet almost half (46%) utilize password management software. This disconnect raises concerns about their habits, as many still risk their security through irresponsible practices.
Ultimately, as we observe World Password Day, it’s evident that education and awareness about password security remain crucial, especially among younger users. Employing effective password management strategies can significantly enhance personal and organizational cybersecurity in an increasingly perilous digital landscape.
