Australia Hit by Infostealer Malware: Banking Credentials Sold Online


In this episode of the Don’t Be A Sitting Duck Podcast, Leigh Kefford unpacks a major cybersecurity threat: thousands of Australians’ banking passwords have been stolen by malware known as infostealers. These malicious programs, including RedLine Stealer and Raccoon Stealer, silently harvest sensitive data and sell it to the highest bidder on dark web markets.
Leigh explains how these attacks happen, why they’re growing rapidly, and the critical steps you need to take to stay protected.


Episode Transcript

Australia is facing a major cybersecurity wake-up call. Thousands of Australians have had their online banking passwords stolen by stealthy malware known as “infostealers,” with stolen credentials being sold on dark web marketplaces for just a few dollars each.

These attacks highlight a growing cybercrime economy built on stealing your most valuable personal and business information—without you ever knowing it happened.

Welcome to the Don’t Be A Sitting Duck Podcast, I’m Leigh Kefford—let’s dive in.

Recently, cybersecurity researchers uncovered that thousands of Australians had their banking credentials compromised by infostealer malware, including strains like RedLine Stealer and Raccoon Stealer.

These malware variants are designed to silently infiltrate devices, often delivered through phishing emails, fake software downloads, malicious ads, or cracked apps. Once installed, they scan your browser, saved passwords, cookies, crypto wallets, and even session tokens—collecting everything they can.

In many cases, users had no idea they were infected. The malware quietly transmitted stolen credentials to criminal-controlled servers, which were then packaged and sold online. Some records from Australian banks were found selling for less than $5, making it easy for cybercriminals anywhere in the world to access victims’ accounts.

How it happened comes down to simple but effective social engineering. Victims were lured into clicking on phishing links disguised as legitimate emails from trusted companies, or they were tricked into downloading what looked like harmless software updates.
Infostealers thrive because they’re fast, lightweight, and often evade traditional antivirus tools—especially if systems aren’t updated regularly.

Why it matters is straightforward:

Stolen banking passwords give attackers direct access to your money.

If your business accounts are compromised, criminals can initiate fraudulent wire transfers, change payroll details, or even steal confidential customer data.

Personal credentials, once exposed, are often used in wider attacks like Business Email Compromise or identity fraud.

We’ve already seen high-profile breaches caused by infostealers globally.

In 2023, a major Australian financial services provider had hundreds of employee login credentials leaked after a Raccoon Stealer infection. Internationally, tech giants like Nvidia and Uber have also been targeted by attackers using infostealer malware to penetrate corporate networks via employee devices.

To protect yourself and your business:

Never click on links or download attachments from unknown or unexpected emails.

Use reputable endpoint protection with advanced malware detection capabilities.

Always enable multi-factor authentication (MFA) across all important accounts—especially banking, email, and accounting software.

Regularly update your operating systems, browsers, and installed applications to patch vulnerabilities.

Educate your team on cybersecurity hygiene—your people are your first and best line of defense.

That’s a wrap for today’s episode! Want more cybersecurity insights? Head over to sittingduck.com.au for show notes, resources, and the latest updates. Thinking about your business security? Here’s what to do next: Book your free Empower Systems Assessment to uncover vulnerabilities and learn how to strengthen your defences. Listen to my audiobook, Sitting Duck – The Phone Call You Don’t Want to Receive—a real-world look at Business Email Compromise. Available now on Spotify and leading audiobook platforms.
Until next time—stay safe, stay informed, and don’t be a sitting duck!
This podcast was produced by National PC, delivering expert cyber security services in Townsville and Cairns through our Empower Managed IT solutions—secure, reliable, and built for North Queensland businesses.
