πŸ‡ΊπŸ‡ΈEnglishπŸ‡―πŸ‡΅ζ—₯本θͺžπŸ‡ΉπŸ‡·TΓΌrkΓ§eπŸ‡²πŸ‡³ΠœΠΎΠ½Π³ΠΎΠ»
Security Notification

Voluntary Infostealer Victim Notification

What Is This Service?

The Voluntary Infostealer Victim Notification is a proactive service offered by Istary, a cybersecurity intelligence company. As part of our work, we monitor criminal channels where stolen corporate credentials are often shared or sold. When we discover credentials linked to your organization, we notify you β€” completely free of charge.

This is not a breach of your systems. This alert means that one or more devices used by people/machine connected to your organization were infected with infostealer malware, and the harvested data is now circulating among criminal actors.

This page explains what these notifications mean, why they are important, and how we can help you respond.

What Is an Infostealer?

An infostealer is a type of malware that secretly collects saved passwords, session tokens, and browser information from infected devices. These stolen credentials can then appear in criminal marketplaces, often within hours.

Even a single infected employee can lead to exposure of critical systems such as VPNs, internal tools, or cloud services.

Why We Send Notifications

Credential theft is one of the most common cybersecurity risks today β€” yet most organizations never know their credentials have been exposed.

By notifying you promptly, we help your team take immediate action before these stolen credentials are misused.

What You Should Do Next

01

Step 1: Acknowledge this notification. Reply to our email or contact us at contact@istary.io. No technical knowledge is required β€” this can come from anyone authorized to handle security matters at your organization (IT manager, security lead, CISO, or a member of leadership).

02

Step 2: Review the findings. We'll schedule a brief walkthrough β€” typically 20 to 30 minutes β€” where we share what we found and answer questions. Alternatively, if your team prefers to review independently, we can provide direct platform access to a designated security contact.

03

Step 3: Take action. Based on the findings, your team can prioritize response β€” from resetting passwords and revoking sessions to identifying the infected device.

What You'll See on Our Platform

Once your designated contact has access, they'll be able to review:

  • Which employee or vendor credentials were exposed
  • What services and systems those credentials are associated with
  • Details about the infected device (operating system, malware family, infection date)
  • Whether active browser sessions or authentication tokens were compromised

This information helps your security team prioritize response and take immediate action where needed.

Why Ongoing Monitoring Matters

The credentials we identified in this notification are a snapshot of what's circulating today. Infostealer infections happen continuously β€” new employee, vendor, and customer credentials may surface in criminal markets at any time.

Istary offers continuous monitoring that alerts your team in real time when new credential exposures are detected, so you can act before stolen credentials are used against you. If this is something your organization would find valuable, we're happy to discuss it β€” but there is no obligation attached to this notification.

About Istary

Istary is a leading threat intelligence company delivering actionable intelligence across a range of cyber threats. One of Istary's core offerings is cybercrime intelligence, where we monitor darknet for stolen credentials and help organizations detect, assess, and respond to credential exposures before they are exploited. The Voluntary Credential Exposure Notification is part of this service.

Registered in Estonia Β· istary.io Β· contact@istary.io

Frequently Asked Questions

How did you find this data?

Istary's threat intelligence team continuously monitors criminal marketplaces, dark web forums, and data-sharing channels where stolen credentials are traded. We do not hack, access, or test any systems. We identify exposed credentials through passive intelligence collection β€” the same methods used by law enforcement and enterprise security teams worldwide.

Is this a scam or phishing attempt?

We understand the concern. We will never ask you for passwords, payment information, or system access. You can verify our company at istary.io, check our Estonian business registration, or contact us directly at contact@istary.io to confirm the authenticity of this notification. We're also happy to schedule a video call with your team to walk through the findings in person.

Does this mean our systems were hacked?

Not necessarily. Infostealer infections typically happen on individual devices β€” a personal laptop, a contractor's phone, or a shared workstation. However, the stolen credentials may provide access to your corporate systems, which is why timely action matters.

How serious is this?

It depends on what was exposed. In some cases it may be a single set of credentials for a low-risk service. In others, it may include active VPN credentials, SSO sessions, or access to sensitive internal tools. We can help your team assess the scope during a walkthrough.

Can I opt out of future notifications?

Yes. If you prefer not to receive future notifications, simply reply to the email or contact us at contact@istary.io and we will remove your organization from our notification list.