Introduction

Alerts Bar, deep darknet monitoring for infostealers who know your compromised devices and credentials of your employees and customers. With the co-founding team Dima Ashkinazi, Mike Khytko, and Aidan Raney. Thanks to Bohdan for the introduction.

Infostealers are a form of malicious software created to breach computer systems to steal sensitive information, such as login details, financial information, and other personally identifiable information. The stolen information is then packaged, sent to the attacker, and often traded on illicit markets to other cybercriminals.

According to Kaspersky’s research in mid-2023, 24% of malware offered as a service are infostealers. In 2024, infostealers were used to steal 2.1 billion credentials, over 60% of the 3.2 billion credentials stolen from all organizations. Infostealers are heavily utilized because of their low cost, with an average cost of $200 per month in 2024.

In February 2025, it was reported by Hudson Rock that infostealers had compromised email accounts and credentials across multiple US government and military departments, including the FBI.

Interview

Aidan kicks things off introducing Dima and Mike, and explains the problem. Infostealers are a relatively new type of malware designed to steal confidential information from infected devices. Their rise began around 2018 and has been growing year by year. More than 100M infected PC worldwide by 2024.

Its related to computer viruses that have been infecting PCs for decades. I remember my first boot sector virus on an Atari ST520, in 1986. Viruses have evolved from being annoying to money making. Infostealers do not announce their presence, they quietly steal all your usernames, passwords, session keys, device information, cookies, every piece of information to impersonate you online.

One of this things Alerts Bar does is on detecting a compromised session close it down.

Common targets are online gaming accounts like Counter-Strike: Global Offensive (CS: GO). Typical inventories can be $200-$300, but as high as $1.6M. With the credentials downloaded by the infostealer, the process of off-loading the digital assets to market places is automated, It’s about getting to the cash fast, though some infostealers are about demonstrated their abilities, rather than monetizing the theft.

Alerts Bar Strategy

As soon as the data becomes available to other hackers, that’s when Alerts Bar notifies is customers. There are many communities out there, so indexing the data is important. AND Speed is essential, as that breach can lead to further breaches. not just losing your Counter-Strike: Global Offensive inventory. But access to corporate accounts and information. For example GTA6 was leaked. Also the Snowflake leak exposed AT&T, Ticketmaster/Live Nation, Santander Bank, LendingTree, Advance Auto Parts, and Neiman Marcus. And that access was sold for a few tens of dollars.

Infostealers and social engineering are rapidly expanding given the companies exposed through stealing session data. There is an element of luck in accessing session data from someone with valuable access, but this is a numbers game, and automation makes it productive.

Mike shared a Deutsche Bank executive who’s personal computer was compromised, which enabled over 700 accesses. Including credit cards, bank accounts, and lots of personal information. The infostealer got in through an apparent anti-virus update. There are so many ways, like a Google Ad for an update to a game you have…

Bohdan asks the team about whether data brokers buy stolen data. Dima answers, speed is essential, if the data is available, getting it as fast as possible to your customer is critical. Often shared in Telegram groups, with a price tag of a few hundred to thousand dollars.

Aidan highlights often the infostealers infect themselves. Some are involved in CSAM (Child sexual abuse material). So law enforcement come to Alerts Bar for help in catching such criminals. There scope is much broader than infostealers.

Alerts Bar Secret Sauce

Bohdan asks a question on malware as a service and phishing as a service, he sees businesses offering such capabilities, but a lack of action stopping such activities.

Dima highilighted many businesses do not react to infostrealers, so it becomes ransomware. Here employee training is important and is part of the service Alerts Bar provides. Which also includes c-level monitoring. Supply chain attacks have risen, because of security holes with services like Slack or Jira; that sit outside the corporate security. Again Alerts Bar provides a security framework to manage those issues.

Infections happen, Alerts Bar provides proposals on how to avoid further infections.

The cost for Alerts Bar can be as low as $800 per month.

Aidan highlights a commonality between phishing and infostealers, how phishing steals an identity, while infostealers grabs all your identities. Sometimes phishing is a gateway to infostealing.

This is an emerging threat, and we wish Dima, Aidan, and Mike the best of luck in growing their business.