ESET Threat Report H1 2025

Exploring the H1 2025 Threat Landscape with ESET Experts

Step into the dynamic world of cybersecurity threats in the first half of 2025, where innovation meets challenge.

Among the standout occurrences was the rise of ClickFix, a deceptive attack method that surged by over 500% compared to the previous period, making it a prevalent threat alongside phishing. ClickFix lures users into executing malicious commands under the guise of fixing a fake error, delivering a range of payloads from infostealers to ransomware and nation-state malware across various operating systems.

The infostealer landscape underwent significant changes, with SnakeStealer taking the lead after Agent Tesla’s decline. ESET also played a key role in disrupting Lumma Stealer and Danabot, major malware-as-a-service threats.

On the mobile front, adware detections soared by 160%, driven by the emergence of Kaleidoscope, a sophisticated threat using an “evil twin” strategy to distribute malicious apps. NFC-based fraud also spiked over thirty-five times, showcasing criminals’ adeptness at exploiting NFC technology through phishing and relay techniques.

In the realm of ransomware, turmoil ensued as rival gangs clashed, impacting the top ransomware service, RansomHub. Despite a rise in attacks and active gangs, ransom payments saw a significant decrease, possibly due to takedowns and exit scams that reshaped the ransomware landscape.

Stay updated on ESET research via Twitter, Bluesky, and Mastodon for insights on key trends and top threats.

Discover how threat intelligence can bolster your organization’s cybersecurity defense at the ESET Threat Intelligence page.

Leave a Reply

Your email address will not be published. Required fields are marked *