RUSSIA: Kaspersky reported that its detection technologies identified an average of 500,000 malicious files each day in 2025, representing a 7% rise from the year before. Several categories of threats expanded worldwide password stealer detections increased by 59%, spyware detections rose by 51%, and backdoor detections grew by 6% compared to 2024.
These insights form part of the Kaspersky Security Bulletin series, which examines the major cybersecurity trends observed over the past year.
Windows continued to be the main focus of cyberattacks, with 48% of Windows users encountering various types of threats in 2025. Among Mac users, 29% were targeted.
Globally, 27% of users were hit by web-based threats malware that activates while users are online or otherwise relies on the internet at some point to inflict damage. In Latin America, 26% of users faced web threats last year, while the figure stood at 25% in Africa, 21% in Europe and 19% in the Middle East.
On-device threats struck 33% of users. These threats include malware distributed via removable USB drives, CDs, DVDs or those that reach systems through non-open forms such as encrypted files or complex installers. Africa had the highest share of users affected at 41%, followed by APAC at 33%, the Middle East at 32%, Latin America at 30% and Europe at 20%.
“The current cyberthreat landscape is defined by increasingly sophisticated multi-platform attacks, among other factors. One of the most significant revelations made by Kaspersky this year was the resurgence of the Hacking Team after its 2019 rebranding, with its commercial spyware Dante used in the ForumTroll APT campaign, which incorporated zero-day exploits in Chrome and Firefox browsers. This ties into broader trends where the number of registered vulnerabilities has been constantly increasing year-on-year. Protective solutions are indispensable, including detection and response tools, flexible patch management, continuous infrastructure monitoring, and comprehensive vulnerability analysis to neutralize threats. Equally crucial are user and employee training programs to boost cybersecurity awareness, simulate incident responses, and foster a culture of vigilance against phishing and social engineering. Without these layered approaches, the escalating threat ecosystem risks turning isolated incidents into widespread operational catastrophes,” comments Vladimir Kuskov, Head of Anti-Malware Research at Kaspersky.
For personal safety, Kaspersky advises individuals not to install software from untrustworthy sources, to avoid clicking on suspicious links or online ads, to use two-factor authentication whenever available, and to install security updates promptly, as they often address high-severity vulnerabilities. Users are also encouraged to deploy a strong security product suited to their devices, such as Kaspersky Premium.
For organizations, Kaspersky recommends ensuring all devices run up-to-date software to reduce the risk of attackers abusing known vulnerabilities. Remote desktop services such as RDP should not be exposed to public networks unless absolutely necessary, and strong passwords should always be used. Businesses are encouraged to adopt advanced Kaspersky Next solutions for full visibility across corporate infrastructure, enabling swift detection, prioritization, investigation and mitigation of sophisticated threats and APT-like activity. Up-to-date Threat Intelligence is also essential to stay informed about threat actors’ evolving tactics, techniques, and procedures.
All figures in this report are sourced from Kaspersky Security Network (KSN). Statistics for the 2025 reporting period span from November 2024 through October 2025.
