Kaspersky Unveils Over 5.3M On-Device Cyberattacks in Pakistan from January to September 2025
Compromising USB Drives, CDs, DVDs, Hidden Installers, and Many More

Digital devices in Pakistan have become prime targets of cyber criminals. This was revealed by cybersecurity company Kaspersky in a media briefing it recently held. According to the global cybersecurity leader, it detected over 5.3 million on-device attacks in Pakistan in the first three quarters of 2025 alone (from January to September), underscoring the gravity of the situation.
Dmitry Berezin, Kaspersky’s Global Security Expert, shared in the media brief that 27% of all users and 24% of organisations were infected by malware delivered via compromised USB drives, CDs, DVDs, and hidden installers. Among the malware Kaspersky detected in these devices were ransomware, worms, backdoors, trojans, password stealers, and spyware.
Berezin further shared that Advanced Persistent Threat (APT) groups have seemingly zeroed in on Pakistan, with as many as seven of them targeting the country’s telecoms and financial services, critical infrastructure, defence, and government entities, aside from going after private organisations.
Kaspersky’s Recommendations to Pakistan
In light of these findings, Berezin and Kaspersky are advising organisations to be more vigilant and for organisations to practise cyber hygiene at all times. Furthermore, Berezin is enjoining businesses to be more proactive in understanding these threats so they can make the necessary adjustments in terms of fortifying their cyber defences.
“Some threats are distributed widely, while others are highly focused. For example, exploitation of zero-day vulnerabilities is a tactic that is used by sophisticated cyber criminals in attacks such as ransomware and advanced persistent threats,” Berezin noted. “Understanding the threat landscape becomes an operational necessity: when you know which threats are active in the region, you can fine-tune the security controls to be proactively protected against them.”
For organisations and the public sector, effective defence in this case requires a combination of prevention and response. Among the critical practices that need to be put in place include adopting rigorous patching, setting up strong authentication, restricting remote access, and deploying endpoint detection and response (EDR) and extended detection and response (XDR) solutions like those offered by Kaspersky and other leading cybersecurity companies.
Kaspersky, for its part, said it blocked 2.5 million web attacks in Pakistan in the first three quarters of 2025 alone, stopped 354,000 exploitation attempts, detected 166,000 banking malware, prevented 126,000 spyware attacks, and eliminated 107,000 password stealers.
With a quarter to go in 2025, and the rest of the coming years ahead, Pakistani residents and organisations will need to be extra careful with their devices as cyber criminals will continue to be active.



