Amsterdam, May 13, 2025 - In a recent study of hundreds of mid-to-large enterprises operating across three continents, cybersecurity firms Hadrian and Passguard found that 64% had at least one infection resulting in stolen data appearing on the dark web in the last five years. On average there were 4.5 infections per organization over the last 12 months. Hadrian and Passguard takes aim at a growing blind spot in cybersecurity: the alarming spread of infostealer infections across business environments.
Cybercriminals are constantly searching for new entry points to exploit, and fresh techniques to bypass a business’s defenses. When traditional vulnerabilities are well-protected, attackers shift tactics. That is what is behind the rise in credential-stealing infostealer malware. “Infostealers have quietly become one of the most effective breach enablers in modern cybercrime,” said Rogier Fischer, co-founder and CEO of Hadrian. “Attackers don’t need to break through hardened defenses when valid credentials are already being sold online. We’re seeing organizations breached not because they were unpatched, but because someone unknowingly logged in from a compromised device.”
Infostealer risk at a glance
- 64% of organizations globally had at least one known infostealer infection since the launch of Infostealers in 2019.
- 2024 saw a surge in infections, with an average of 4.5 infections per organization last year.
- Organizations had credentials and sensitive data traded on criminal marketplaces by infostealers once every 2.5 months in the last 12 months.
Overcoming security blind spots
Hadrian and Passguard expand companies’ visibility of how a hacker might begin an attack against their organization. Hadrian identifies and tests the vulnerable systems of an organization connected to the internet that could be exploited, such as servers and cloud environments. Passguard detects infostealer malware infections on employee devices being offered for sale on criminal marketplaces. All this data can now be viewed in one centralized location of the Hadrian cybersecurity platform.
“Security teams are not able to detect all of the infections, because they occur on unmanaged devices”, Tom Leijte says, CEO of Passguard. “Passguard’s focus on alerting businesses about how infostealers infections have impacted their bottom line is a natural fit for Hadrian’s platform, which tests possible threats. This way, Hadrian’s clients will know whether the access provided by infostealers is still valid.”
Partners in cybersecurity
“The value of this partnership lies in creating the most comprehensive possible overview of cyber issues before they are exploited. Our customers will now have real-time alerts when, where, and how their sensitive data is being traded. Together, we not only identify the hackers’ attack surface, but also track the information that appears on criminal marketplaces on the dark web,” Fischer concludes.
–
About Hadrian
Hadrian is a Dutch leading cybersecurity company specializing in offensive security solutions. With the mission to empower organizations from a hacker’s perspective, Hadrian uses advanced technologies to identify and mitigate vulnerabilities before they can be exploited. Through continuous monitoring and proactive threat analysis, Hadrian supports companies worldwide in building resilient digital infrastructures in an increasingly complex cyber landscape.
About Passguard
Passguard is a Dutch cyberintelligence company with a unique focus on infostealers. Operating within some of the world’s most secure criminal marketplaces—where access to malware-infected devices is bought and sold—Passguard identifies compromised systems long before organizations become aware of the breach. By continuously monitoring these underground networks, Passguard provides early-warning intelligence that helps businesses protect their data and stay ahead of cybercriminals.
