Date: 29 April 2025

Abstract:

There has been significant media coverage regarding banking passwords belonging to over 31,000 Australians being stolen and distributed on the dark web and through encrypted messaging platforms such as Telegram. The credentials, linked to customers of the Big Four banks, were not obtained through the banks themselves, but rather extracted from individual users’ devices infected with a type of malware known as an “infostealer”.

Infostealers are a type of malicious software that silently performs undesired actions on a computer system, such as stealing or corrupting data or allowing attackers to gain unauthorised access. This typically occurs through phishing emails, pirated software, malicious downloads, or browser extensions.

An investigation by cyber intelligence researchers has reported that some of the data dates have occurred several years ago but may still be usable. This data has circulated online being sold by cybercriminals through subscription models or given away for free. The incident reflects the growing trend in cybercrime where attackers target individual endpoint users rather than…