Password stealers are becoming a preferred tool for attackers targeting organisations in India. Kaspersky’s telemetry showed a 20% increase in password stealer attacks targeting its business users in India, highlighting how quietly harvested credentials are being used to infiltrate business environments without triggering alarms.

In 2025 alone, Kaspersky’s business solutions detected and blocked 225,223 password-stealing attacks in corporate networks in India.

Password stealers are a malware type designed to steal passwords and other account information. Stealers extract stored secret keys from browsers and other utilities, analyse cache and cookie files, and gain access to cryptocurrency wallet data.

Cybercriminals can use stolen passwords to gain unauthorised access to accounts for various malicious purposes, including financial theft, identity theft, extortion, and using the compromised accounts to launch further attacks.

India recorded a significant 20% year-on-year increase in password stealer attacks on businesses in 2025, with detections rising from 1,88,470 in 2024 to 225,223 in 2025. This growth underscores the escalating risk to Indian enterprises as cybercriminals increasingly target credential theft as an entry point into corporate networks.

“Password stealer attacks do not discriminate, whether you are a large enterprise with hundreds of employees or a growing start-up, stolen credentials open the same doors for attackers. The 20% surge we are seeing in India is a warning signal that no organisation is too big or too small to be targeted. Businesses of every size need to treat credential security as a boardroom priority, not an IT afterthought,” says Jaydeep Singh, General Manager for India, Kaspersky.

“Organisations must act decisively by eliminating weak credential risks through dedicated password management solutions that create and protect truly randomised login details. Complementing this with robust access controls, including multi-factor authentication, routine credential reviews, and restricting user privileges to only what is necessary, forms a strong defensive foundation. Beyond technology, cultivating a workforce that understands and practises cyber hygiene daily is equally critical to building lasting resilience,” he added.