In today’s digital landscape, the threat of cybercriminals purchasing corporate credentials from infostealer logs on the dark web is a harsh reality faced by many companies, including those in the igaming industry. According to Check Point’s The State of Cyber Security 2025 report, 90% of breached companies had their credentials leaked in a stealer log, highlighting the ease with which attackers can gain access to sensitive information.
Infostealers, stealthy malware programs designed to extract data from infected endpoints, pose a significant threat to businesses. They target privileged credentials, browser artifacts, session cookies, local files, and configuration data, which are then sold on dark web marketplaces or used to breach corporate networks. This has serious implications for igaming operators who rely on uninterrupted service and trust from their customers.
Cybersecurity efforts in the igaming industry have traditionally focused on protecting player information, but with the rise of infostealer campaigns, back-office infrastructure has become a prime target. A compromised device can lead to unauthorized access, operational downtime, ransomware threats, exploitation of crypto payment integrations, and damage to player trust. Even a minor breach can result in financial loss and regulatory scrutiny.
Recent incidents involving infostealers highlight the risks faced by companies in the crypto and igaming sectors. In May 2023, Binance, a major cryptocurrency exchange, detected an infostealer malware campaign aimed at its internal employee endpoints. Similarly, in November 2022, DraftKings, an American sports betting and igaming operator, disclosed that attackers accessed thousands of customer accounts through infostealer logs.
To defend against infostealers, companies like SOFTSWISS have developed comprehensive strategies. These include restricting high-level access, combining multi-factor authentication with endpoint and network checks, mandating secure devices for admin tasks, enabling real-time monitoring, deploying dark web monitoring, adopting security orchestration systems, promoting safe software practices, conducting infostealer-focused training, and engaging in industry-wide collaboration.
By implementing these defense strategies, igaming operators can significantly reduce the risk of infostealer-driven breaches and protect their operations from cyber threats. By continuously refining their approach and adding new layers of defense, companies like SOFTSWISS are dedicated to safeguarding their clients’ businesses against the growing threat of infostealers in the digital age.