In 2025, stealer malware evolves beyond password theft to hijack live sessions, revealing a significant threat to enterprises. Flare’s research analyzed over 20 million stealer logs, uncovering that cybercriminals often complete session hijacking attacks within 24 hours of infecting employee endpoints with malicious payloads. These attacks extract valuable session tokens from platforms like Microsoft and Google. Stolen session tokens become a traded commodity, with pricing variations depending on their value, posing operational risks for businesses as attackers automate and expedite their efforts.
Stealer malware is evolving; in 2025, it shifts from stealing passwords to hijacking live sessions, targeting enterprises more efficiently than ever.
Cybercriminals weaponize infected employee endpoints for session hijacking, successfully executing attacks in under 24 hours after infection.
Modern session hijacking begins with infection via disguised malware, often resulting in data theft that occurs in under an hour before attackers act.
Stolen session tokens from enterprise applications are the new currency for cybercriminals, fetching prices from $5 for personal accounts to $1,200 for enterprise sessions.
Collection
[
|
...
]