Cybercrime got a lot simpler in 2024, thanks to a new wave of info-stealer malware that collects login credentials. Instead of exploiting vulnerabilities to breach target networks, hackers can just log in using stolen credentials. And if they don’t feel like stealing them themselves, they can easily buy them on the dark web.

IBM’s 2024 X-Force Intelligence report highlights the “relative ease of acquiring credentials.” Following the highly-publicized Snowflake incident earlier this year, one of the biggest info-stealing events ever, the report revealed a 266% surge in the use of info-stealer malware compared to 2023.

Montreal-based Flare, a startup focused on threat exposure management, believes it has found a solution with its new Account and Session Takeover Prevention feature. This service keeps an eye out for any signs on the dark web that its customers’ logins are being shared and then automatically resets the affected passwords before the thieves can gain access. It also detects stolen session cookies that can deceive computers into recognizing the hacker as a previously authenticated user.

Flare, founded in 2017, markets itself as a modernized cyber threat intelligence (CTI) platform tailored for small to mid-sized companies. It distinguishes itself by not only monitoring the usual dark web sources but also keeping tabs on threat actors using messaging app Telegram.

Flare’s recent $30 million Series B funding round, led by Base10 Partners Jason Kong, with contributions from Inovia Capital, White Star Capital, and Fonds de solidarité FTQ, was influenced by the company’s expanding user base and growth propelled by the new anti-info-stealing technology. Although Flare’s CEO Norman Menz did not disclose specific revenue or valuation numbers, he indicated that the Series B resulted in a 5.6-fold increase in valuation compared to its 2022 Series A.

With the successful acquisition of Recorded Future by Mastercard for $2.65 billion in September, the cybersecurity field has shown potential for significant exits. Despite this encouraging trend, Flare faces stiff competition from a multitude of rivals, ranging from startups to established names like Mandiant, Palo Alto Networks, and Microsoft.