May 28, 2025
As part of our continued effort to analyze the underground credential theft ecosystem, our team recently examined a staggering 1.2 billion compromised credentials collected in January 2025. The findings are alarming: gaming platforms like Roblox top the charts, accounting for 19% of infections, while Gmail dominates the compromised email landscape with a 72% share among top domains. Regional email providers and government platforms—particularly in Latin America—also show significant exposure.
But it’s not just about weak passwords. Our research reveals that even “strong” passwords are no match for infostealer malware, and infection patterns span over 16,800 cities globally. PCs remain the prime target, but mobile threats are emerging.
This post is just the beginning. Dive into the full analysis to understand the trends, threats, and what they mean for users and organizations alike. And stay tuned—our next investigation will follow the money behind these attacks.
Beatriz Pimenta
Jacobo Blancas
Beatriz Pimenta & Jacobo Blancas
