Daily NewsCyber Crime & ForensicCyber SafetyDevice & IoTThreat Detection & Defense

Kaspersky Unveils Over 5.3M On-Device Cyberattacks in Pakistan from January to September 2025

Compromising USB Drives, CDs, DVDs, Hidden Installers, and Many More

Digital devices in Pakistan have become prime targets of cyber criminals. This was revealed by cybersecurity company Kaspersky in a media briefing it recently held. According to the global cybersecurity leader, it detected over 5.3 million on-device attacks in Pakistan in the first three quarters of 2025 alone (from January to September), underscoring the gravity of the situation.

Dmitry Berezin, Kaspersky’s Global Security Expert, shared in the media brief that 27% of all users and 24% of organisations were infected by malware delivered via compromised USB drives, CDs, DVDs, and hidden installers. Among the malware Kaspersky detected in these devices were ransomware, worms, backdoors, trojans, password stealers, and spyware.

Berezin further shared that Advanced Persistent Threat (APT) groups have seemingly zeroed in on Pakistan, with as many as seven of them targeting the country’s telecoms and financial services, critical infrastructure, defence, and government entities, aside from going after private organisations.

Kaspersky’s Recommendations to Pakistan

In light of these findings, Berezin and Kaspersky are advising organisations to be more vigilant and for organisations to practise cyber hygiene at all times. Furthermore, Berezin is enjoining businesses to be more proactive in understanding these threats so they can make the necessary adjustments in terms of fortifying their cyber defences.

“Some threats are distributed widely, while others are highly focused. For example, exploitation of zero-day vulnerabilities is a tactic that is used by sophisticated cyber criminals in attacks such as ransomware and advanced persistent threats,” Berezin noted. “Understanding the threat landscape becomes an operational necessity: when you know which threats are active in the region, you can fine-tune the security controls to be proactively protected against them.”

For organisations and the public sector, effective defence in this case requires a combination of prevention and response. Among the critical practices that need to be put in place include adopting rigorous patching, setting up strong authentication, restricting remote access, and deploying endpoint detection and response (EDR) and extended detection and response (XDR) solutions like those offered by Kaspersky and other leading cybersecurity companies.

Kaspersky, for its part, said it blocked 2.5 million web attacks in Pakistan in the first three quarters of 2025 alone, stopped 354,000 exploitation attempts, detected 166,000 banking malware, prevented 126,000 spyware attacks, and eliminated 107,000 password stealers.

With a quarter to go in 2025, and the rest of the coming years ahead, Pakistani residents and organisations will need to be extra careful with their devices as cyber criminals will continue to be active.

Martin Dale Bolima

Martin has been a Technology Journalist at Asia Online Publishing Group (AOPG) since July 2021, tasked primarily to handle the company’s Disruptive Tech Asia and Disruptive Tech News online portals. He also contributes to Cybersecurity ASEAN and Data&Storage ASEAN, with his main areas of interest being artificial intelligence and machine learning, cloud computing and cybersecurity. A seasoned writer and editor, Martin holds a degree in Journalism from the University of Santo Tomas in the Philippines. He began his professional career back in 2006 as a writer-editor for the University Press of First Asia, one of the premier academic publishers in the Philippines. He next dabbled in digital marketing as an SEO writer while also freelancing as a sports and features writer.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *