Infostealer malware emerges as major threat to enterprise security systems

Researchers warn personal device infections are fuelling corporate cyber breaches

Cybersecurity experts are warning that infostealer malware is rapidly evolving from a consumer-level threat into a serious enterprise security risk. New findings show that personal device infections are increasingly becoming entry points for large-scale corporate breaches.

A recent analysis by Flare of 10,000 stealer logs found that 1 in 4 infected users had active corporate credentials stored on compromised systems. These included VPN access, SaaS sessions and cloud platform logins, giving attackers direct access to enterprise environments once the stolen data appears on dark web forums.

Researchers said gaming-related downloads still account for 43% of infections. However, nearly 57% now come from other sources such as productivity software, file-sharing platforms and developer tools, showing that attackers are expanding beyond traditional gaming-focused scams.

The report also revealed that around 16% of users infected through gaming software still possessed valid corporate credentials. The risk becomes even higher with business-related software infections, where nearly 50% of victims had direct access to company systems.

Experts noted that the growing overlap between personal and professional device usage is increasing exposure to cyberattacks. Employees often use the same systems for work and personal activities, making it easier for malware infections to spread into corporate networks.

The study challenged the belief that technical users are less vulnerable to malware. Researchers found that 82% of infected users displayed advanced technical behaviour, while 70% had specialised development tools installed on their devices.

Modern developer workflows were identified as a major risk factor. Developers frequently install packages from unverified sources using tools such as npm or pip, often with administrative privileges enabled. Attackers can hide malicious code inside seemingly legitimate software packages, allowing infostealer malware to steal browser credentials, session tokens and API keys after installation.

The report identified infection sources across compromised systems:

  • Gaming software: 43%
  • Productivity tools: 24%
  • File-sharing platforms: 10%
  • Creative tools: 9%
  • Business software: 4%
  • Developer tools: 3%

Cybersecurity experts said organisations must strengthen security measures through stricter application controls, limited administrative access and continuous monitoring for leaked credentials.

Researchers warned that what appears to be a harmless personal download can quickly turn into a major enterprise security breach.
