Experts from NordStellar, EY, Kalpataru, Assisto Technologies, and Ujjivan SFB warn that dirt-cheap malware is enabling high-stakes breaches and calls for an industry-wide wake-up.
In a digital-first economy where data underpins everything—from consumer trust to regulatory compliance—the emergence of infostealers as a major cyber threat is sending shockwaves through the enterprise security landscape. These inexpensive, easily deployable malware tools are exposing billion-dollar vulnerabilities in corporate networks by harvesting and selling sensitive data for pennies on the dollar.
“Infostealers have become a preferred weapon for attackers,” says Vakaris Noreika, Cybersecurity Expert at NordStellar. “They’re inexpensive, efficient, and designed to cast a wide net. But when a corporate credential is caught in that net, the consequences are enormous.”
The economics of the threat are staggering. Cybercriminals can pay as little as $100 for malware like RedLine or LummaC2, which silently collects login credentials, cookies, financial data, and more from compromised systems. This stolen data is then sold on dark web marketplaces—often in bulk, where 16GB of sensitive personal or enterprise data can go for as little as $1.
“Cybercriminals can pay as little as $100 to breach enterprises and access stolen credentials. This is a structural risk every business leader must face head-on.”
— Vakaris Noreika, Cybersecurity Expert, NordStellar
Dark Web Economics: Dirt-Cheap Access to Sensitive Data
On underground forums and stealer log marketplaces, cybercriminals pay subscription fees ranging from $81 a week to $200 a month to access massive troves of compromised data. Corporate credentials mixed in these logs are digital gold mines—offering access to email systems, internal platforms, cloud storage, and more.
“If a stealer log contains a business email domain, hackers instantly know they’ve hit gold,” Noreika explains. “They can exploit those credentials to access internal systems, pivot within networks, steal intellectual property, or even launch ransomware.”
The sheer affordability and scalability of infostealer malware are what make it so dangerous. Even low-skilled attackers can now execute sophisticated breaches. Platforms offering Infostealer-as-a-Service (IaaS) provide dashboards, deployment guides, and customer support—lowering the barrier to entry for cybercrime.
“Buyers can deploy the malware themselves and customize it for high-value targets,” says Noreika. “It’s scalable cybercrime, and enterprises are the most lucrative targets.”
“A data breach doesn’t just break systems—it exposes the culture behind them. Incident response is a strategic advantage now.”
— Amey, Director of Cyber Forensic Technology and Discovery Services, EY
Beyond IT: A Breach Reflects the Culture
Amey, Director of Cyber Forensic Technology and Discovery Services at EY, believes that cybersecurity is no longer just a technological issue—it’s a cultural and strategic one.
“A data breach doesn’t just break systems—it exposes the culture behind them,” he says. “Incident response is a strategic advantage now. Organizations that respond quickly and transparently are the ones that retain customer trust and stakeholder confidence.”
EY’s forensic teams have investigated breaches across industries and found that many stem from poor cyber hygiene, lack of employee training, and weak governance practices. “Incident response plans should be boardroom issues,” Amey asserts. “They’re as important as business continuity and financial audits.”
“We must invest in real-time detection, employee awareness, and architectural resilience. Every breach starts with a gap in culture or controls.”
— Hetal Presswala, CISO, Kalpataru Limited
The Banking Sector: A National Security Concern
In the financial services industry, where trust is paramount and data breaches can cause systemic disruptions, the threat of infostealers is even more alarming.
“In 2024, the average cost of a data breach rose to an all-time high of $4.88 million,” notes Ratan Jyoti, CISO at Ujjivan Small Finance Bank. “For financial institutions, this isn’t just a number—it reflects the massive financial, operational, and reputational damage a single cyberattack can cause.”
The Reserve Bank of India (RBI) has mandated a robust cybersecurity framework for banks that includes risk-based controls, real-time monitoring, and mandatory breach disclosures. Ujjivan SFB, Jyoti says, closely aligns with these requirements. “We’ve implemented layered defenses, conduct regular cyber drills, and actively participate in threat intelligence sharing. But the truth is, no single bank can do it alone.”
Jyoti calls for deeper collaboration with national bodies like CERT-IN and NCIIPC to protect India’s critical information infrastructure. “These frameworks remind us that cybersecurity is not just a technical challenge—it’s a strategic imperative. For banks, it means embedding cybersecurity into governance, culture, and daily operations.”
“The fact that massive amounts of personal data can be bought for so little is chilling. We need urgent, industry-wide investment in proven cyber defenses.”
— Ganesh Viswanathan, President, CIO & CISO, Assisto Technologies Pvt. Ltd.
Building Resilience Through Awareness and Architecture
Hetal Presswala, CISO at Kalpataru Limited, underscores that technical defenses only go so far without awareness.
“Encryption, MFA, and access controls are critical—but they only work when paired with a cyber-aware workforce and fast incident response,” she says. “Real-time monitoring is your best friend.”
Presswala believes that businesses must cultivate a security-first mindset across all levels. “We must invest in real-time detection, employee awareness, and architectural resilience. Every breach starts with a gap in culture or controls.”
Back to Basics: Strengthening the Core
Ganesh Viswanathan, President, CIO & CISO at Assisto Technologies, warns that enterprises must go back to security fundamentals.
“The fact that massive amounts of personal data can be bought for so little is chilling,” he says. “It underscores the need for layered defenses and an industry-wide wake-up call.”
“In today’s world, data is both an asset and a target. Our defenses must be stronger than the incentives of those trying to break in.”
— Ratan Jyoti, CISO, Ujjivan Small Finance Bank
He outlines three critical areas CIOs must focus on:
- Multi-Factor Authentication (MFA): Ensures only verified users access sensitive systems.
- Patch Management: Regular updates keep systems secure against known vulnerabilities.
- Data Encryption: Protects data even if attackers gain system access.
“These foundational controls can significantly enhance an organization’s cybersecurity posture,” Viswanathan adds. “But only if they’re implemented consistently and monitored rigorously.”
Conclusion: The $100 Wake-Up Call
The gap between the cost of launching a breach and the cost of surviving one has never been wider. While attackers invest just $100, defenders are forced to spend millions to contain the damage. This imbalance is not sustainable—and it’s a call to action.
“Cybercriminals are innovating,” warns Amey. “Boards must demand that their security teams innovate faster.”
Ratan Jyoti adds: “Data is both an asset and a target. And unless we build defenses stronger than the incentives of attackers, breaches will continue to escalate.”
Ratan Jyoti adds: “Data is both an asset and a target. And unless we build defenses stronger than the incentives of attackers, breaches will continue to escalate.”