Warning in 2025: 500,000 malicious files appear every day

In particular, the most dangerous malware groups all increased sharply, notably password stealer malware increased by 59% , spyware increased by 51% , and backdoor malware increased by 6% compared to 2024 .

These statistics are part of Kaspersky Security Bulletin – a series of reports summarizing prominent cybersecurity trends over the past year.

Cảnh báo trong năm 2025: Mỗi ngày 500.000 tệp độc hại xuất hiện - Ảnh 1. — Average number of malicious files detected per day by Kaspersky Security Solutions from 2021 to 2025.

Windows continues to be the most attacked operating system with 48% of users facing security risks, while 29% of macOS users were affected.

Globally , 27% of users are attacked through web-based threats, including malware that activates when visiting a website, tracks online behavior, or installs malware at various stages of the attack. In addition, 33% of users face threats that directly infect their devices via USB, removable hard drives, compressed files, or complex installers.

2025 saw a sharp increase in most regions, reflecting the growing scale of cybercriminals (based on the number of malware detected):

Latin America: backdoors up 24%, password stealers up 35%, spyware up 64%.

Middle East: Password stealers up 26%, spyware up 37%.

Europe: attacks via device threats increased by 1%, backdoors increased by 50%, attacks using exploits to penetrate the system (exploits) increased by 5%, password stealers increased by 48%, spyware increased by 64%.

Asia- Pacific : Password stealers up 132%, spyware up 32%.

Africa: backdoors up 2%, password stealers up 43%, spyware up 53%.

Commonwealth of Independent States: Device-based threats up 19%, backdoors up 25%, exploits up 10%, password stealers up 67%, spyware up 68%.

Alexander Liskin, head of threat research at Kaspersky, said the cyber security landscape this year has seen a rise in sophisticated attacks targeting both organizations and individuals. One notable point is the “reappearance” of Hacking Team via commercial spyware Dante, used in the ForumTroll APT campaign, exploiting zero-day vulnerabilities in Chrome and Firefox.

According to Kaspersky, exploits remain the most common way to break into corporate systems. In addition, the abuse of stolen credentials has led to a sharp increase in password stealer and spyware attacks. Supply chain attacks have also become more common, especially with open source software. 2025 marks the first time that the self-propagating malware NPM Shai-Hulud has spread widely in the NPM ecosystem (the NPM Shai-Hulud worm is a self-propagating malware that appeared in the NPM ecosystem - a platform that provides open source software packages that programmers around the world use to build websites and applications).

“Without a solid cybersecurity strategy, a single attack can cause a system to be down for a month. Individual users and businesses need to strengthen their security to minimize risks,” Mr. Alexander Liskin emphasized.

Kaspersky's recommendations for users

- For individuals: Do not install applications from unknown sources; avoid clicking on suspicious links. Enable two-factor authentication, use strong passwords and password managers. Update software promptly to patch vulnerabilities. Do not disable security software at the request of a third party. Use a comprehensive security solution.

- For businesses: Update software regularly, limit public remote access services. Use strong passwords and strict access management. Deploy Kaspersky Next solution to fully monitor IT infrastructure. Update information from Threat Intelligence to grasp new attack techniques. Back up data periodically and isolate copies from the internal network.

Source: https://nld.com.vn/canh-bao-trong-nam-2025-moi-ngay-500000-tep-doc-hai-xuat-hien-196251205173309376.htm