14/12/2025

Kaspersky sees 59% surge in password stealer detections

Johannesburg, South Africa

The Kaspersky Security Bulletin series reviews the key cyber security trends of the past year. The research revealed certain types of threats saw growth globally – there was a 59% surge in password stealer detections, a 51% growth in spyware detections, and a 6% growth in backdoor detections compared to 2024. Windows remains the primary target for cyber attacks. 48% of users on Windows were targeted by different types of threats throughout 2025. For Mac users, this figure stands at 29%.

Globally, 27% of users were attacked with web threats – these refer to malware that targets users when they are online. Web threats are not limited to online activity, but ultimately involve the Internet at some stage for inflicted harm. In Latin America, 26% of users were attacked by web threats in 2025, while this share reached 25% in Africa, 21% in Europe and 19% in the Middle East.

On-device threats

33% of users were attacked with on-device threats. These include malware that is spread via removable USB drives, CDs and DVDs, or that initially makes its way onto the computer in non-open form (for example, programmes in complex installers, encrypted files, etc.). Africa headed the rating with 41% of users attacked with this type of threat; APAC reached 33%, Middle East – 32%, Latin America – 30%, and Europe 20%.

“The current cyber threat landscape is defined by increasingly sophisticated attacks on organisations and individuals around the world. One of the most significant revelations made by Kaspersky this year was the resurgence of the Hacking Team after its 2019 rebranding, with its commercial spyware Dante used in the ForumTroll APT campaign, incorporating zero-day exploits in Chrome and Firefox browsers.

Vulnerabilities remain the most popular way for attackers to get into corporate networks, followed by using stolen credentials – hence the rise in password stealers and spyware we see this year. Supply chain attacks are also common, including attacks on open-source software. This year the number of such attacks increased significantly, and we even saw the first widespread NPM worm Shai-Hulud,” comments Alexander Liskin, Head of Threat Research at Kaspersky.

Robust corporate cyber security is vital

“This increasingly complex threat landscape makes implementing robust cyber security strategies vital for organisations, as failure to do so can lead to months of downtime in the event of attacks. Individual users should also always use reliable security solutions, otherwise they put not only their data and money at risk, but also those of the organisations where they work,” added Liskin.

Tags