Cyberthreat trends: Password stealers, ransomware and spyware on the rise in the GCC
At GITEX 2025, Kaspersky highlights that understanding the growing and sophisticated cyberthreat landscape is now a prerequisite for effective day-to-day cyber defense. According to Kaspersky’s telemetry, the overall number of web and local threats detected and blocked by Kaspersky solutions exceeded 50 million in the first eight months of 2025 across the GCC, with several specific threats showing significant growth. In particular, password stealer detections surged by 21%, and spyware attacks rose by 34%.
The share of users targeted by ransomware across the GCC increased from 0.24% to 0.30% over the first eight months of the year. While this figure may appear modest, such percentages are typical for ransomware, particularly in recent years where attacks have become more targeted rather than mass-distributed. Cybercriminals increasingly concentrate on high-value victims such as enterprises and government institutions, which lowers the overall number of cases but amplifies the potential impact of each attack.
When looking specifically at threats targeting businesses, the findings show clear growth in several threat types. Backdoor detections increased by 32%, when successful, it enables the attackers to gain remote control over infected systems. Exploit detections grew by 21%, with Microsoft Office being the most frequently targeted in this category during the period. At the same time, password stealers aimed at businesses surged by 72%, while spyware recorded a 58% increase, underlining the need for a multi layered security approach.
“The data reflects how cybercriminals are becoming more strategic in their operations,” said Maher Yamout, Lead Security Researcher at Kaspersky. “Instead of relying on large volumes of basic attacks, they are increasingly deploying complex tools like spyware, backdoors, and password stealers. These threats are harder to detect, stay active for longer periods, and can cause significant damage before they are uncovered; reselling stolen data, including credentials to ransomware groups or the highest bidder is just one of the long-term risks from such threats. This evolution underscores the importance of visibility into advanced threats and timely intelligence for organizations in the GCC,” he added.
To help businesses and government organizations in the GCC strengthen their resilience against these threats, Kaspersky experts recommend:
- Deploy advanced security platforms such as Kaspersky Next, which combine endpoint, cloud, and XDR/EDR capabilities to detect, investigate, and respond to complex threats like spyware, backdoors, and ransomware.
- Keep software up to date, with a focus on widely used applications such as Microsoft Office, to minimize the risk of exploit-based attacks.
- Leverage threat intelligence services to gain visibility into the latest attacker tactics and prepare defenses accordingly.
- Train employees regularly to recognize phishing and other common infection vectors used to deliver these threats.
- For individual users, to stay safe from web threats and protect their devices, it’s advised to use a robust security solution, such as Kaspersky Premium.
مواضيع متعلقة
- SEKEM Extends Health Insurance Coverage to 40,000 Farmers Through Nice Deer Platform
- إنفينيكس تكشف عن HOT 60 Pro+.. أنحف هاتف في العالم
- كاسبرسكي تطلق تحديثاً جديداً لحل أمن بيئات العمل السحابية Cloud Workload Security
- كاسبرسكي تكشف عن القطاعات المستهدفة من مجموعات التهديدات المتقدمة المستمرة بالمنطقة
