Password stealers are becoming a preferred tool for attackers targeting organisations in India. Kaspersky’s telemetry showed a 20% increase in password stealer attacks targeting its business users in India, highlighting how quietly harvested credentials are being used to infiltrate business environments without triggering alarms.
In 2025 alone, Kaspersky’s business solutions detected and blocked 225,223 password-stealing attacks in corporate networks in India.
Password stealers are a malware type designed to steal passwords and other account information. Stealers extract stored secret keys from browsers and other utilities, analyse cache and cookie files, and gain access to cryptocurrency wallet data.
Cybercriminals can use stolen passwords to gain unauthorised access to accounts for various malicious purposes, including financial theft, identity theft, extortion, and using the compromised accounts to launch further attacks.
India recorded a significant 20% year-on-year increase in password stealer attacks on businesses in 2025, with detections rising from 1,88,470 in 2024 to 225,223 in 2025. This growth underscores the escalating risk to Indian enterprises as cybercriminals increasingly target credential theft as an entry point into corporate networks.
“Password stealer attacks do not discriminate, whether you are a large enterprise with hundreds of employees or a growing start-up, stolen credentials open the same doors for attackers. The 20% surge we are seeing in India is a warning signal that no organisation is too big or too small to be targeted. Businesses of every size need to treat credential security as a boardroom priority, not an IT afterthought,” says Jaydeep Singh, General Manager for India, Kaspersky.
“Organisations must act decisively by eliminating weak credential risks through dedicated password management solutions that create and protect truly randomised login details. Complementing this with robust access controls, including multi-factor authentication, routine credential reviews, and restricting user privileges to only what is necessary, forms a strong defensive foundation. Beyond technology, cultivating a workforce that understands and practises cyber hygiene daily is equally critical to building lasting resilience,” he added.
In order to strengthen your password policy, users and companies can use the following simple tips:
- It’s nearly impossible to memorize long and unique passwords for all the services you use, but with a password manager, you can memorize just one master password.
- Use a different password for each service. That way, even if one of your accounts is stolen, the rest won’t go with it.
- Passphrases might be more secure when unexpected words are used. Even if you are using common words, you can arrange them in an unusual order and make sure they are unrelated. There are also online services, that will help you check if a password is strong enough.
- It’s better not to use passwords that can be easily guessed from your personal information, such as birthdays, names of family members, pets, or your own name. These are often the first guesses an attacker will try.
- Enable two-factor authentication (2FA). While not directly related to password strength, enabling 2FA adds an extra layer of security. Even if someone discovers your password, they would still need a second form of verification to access your account. Modern password managers store 2FA keys and secure them with the latest encryption algorithms.
- Using a reliable security solution will enhance your protection. It monitors the internet and Dark Web and warns if your passwords need to be changed.
To help businesses and government organisations in India strengthen their resilience against password stealers, Kaspersky experts recommend:
- Deploy advanced security platforms such as Kaspersky Next, which combine endpoint, cloud, and XDR/EDR capabilities to detect, investigate, and respond to complex threats like spyware, backdoors, and ransomware.
- Keep software up to date, with a focus on widely used applications such as Microsoft Office, to minimize the risk of exploit-based attacks.
- Leverage threat intelligence services to gain visibility into the latest attacker tactics and prepare defenses accordingly.
- Receive comprehensive and detailed analysis of security incidents with Kaspersky Incident Response. This service covers the entire investigation and response process, including initial containment, evidence collection, identification of the primary attack vector and development of an effective mitigation plan.
- Align your internal processes and technologies with today’s evolving threat landscape through Kaspersky SOC Consulting. This service helps you build an in-house SOC from scratch, assess the maturity of an existing SOC or enhance specific capabilities such as detection and response procedures.
