Particle.news

Kaspersky Flags 5.3 Million On-Device Attacks in Pakistan as Seven APT Groups Target Key Sectors

The firm describes tailored campaigns that exploit unpatched software to siphon WhatsApp data.

Overview

  • From January to September 2025, Pakistan logged more than 5.3 million on‑device attacks, while Kaspersky blocked over 2.5 million web threats.
  • Kaspersky says 27% of individual users and 24% of corporate entities encountered malware delivered via infected removable media and hidden installers.
  • Seven APT groups are active against Pakistan’s government, intelligence, telecoms, energy, financial services, critical infrastructure, and enterprises, including a Mysterious Elephant campaign focused on data theft such as WhatsApp content.
  • Attackers used spear‑phishing, exploit kits, malicious documents, fake Wi‑Fi, and RDP abuse, with top exploited software including two 2025 flaws in 7‑Zip plus older issues in Microsoft Office, WinRAR, VLC, and Notepad++.
  • Malware detections included about 354,000 exploitation attempts, 166,000 banking malware cases, 126,000 spyware, 113,000 backdoors, 107,000 password stealers, and 42,000 ransomware incidents. Kaspersky urged patching, strong authentication, restricted remote access, EDR/XDR, backups, and user training. Some financial firms shared few details.