A new report by global cybersecurity firm Kaspersky has revealed thatPakistan experienced 5.3 million cyberattacks during the first threequarters of 2025, highlighting a sharp rise in digital threats targetingindividuals, corporations, and high-value institutions.
According to the report, 27% of Pakistani users were subjected to malwareattacks, while 24% of corporate entities faced risks due to infecteddevices within their networks. More than 2.5 million web-based attackswere successfully blocked during the period, reflecting increasing cyberrisk across the country.
Kaspersky noted a significant uptick in phishing attempts, botnetactivity, and fake Wi-Fi attacks, signaling a broader diversification ofhacking techniques used against Pakistani users.
The report further revealed that the company blocked:
– 354,000 exploit attempts targeting vulnerabilities in outdated software – 166,000 banking malware attacks – 126,000 spyware attacks – 42,000 ransomware incidents
The cybersecurity firm warned that many of these attacks exploitedunpatched vulnerabilities in WinRAR, Microsoft Office, and VLC MediaPlayer, where outdated versions provided an easy entry point for hackers.
Read Top Stories
Kaspersky also pointed out that seven different Advanced Persistent Threat(APT) groups targeted Pakistan during the reporting period. Among them,the Mysterious Elephant group conducted a targeted campaign againstsensitive national institutions, employing sophisticated methods to stealWhatsApp data and confidential documents.
The report stresses that organizations in Pakistan must adopt EDR(Endpoint Detection and Response) and XDR (Extended Detection andResponse) security solutions to counter evolving threats. It also urgesindividuals to practice basic cyber hygiene, keep their systems updated,and remain cautious of suspicious links and networks.
The findings highlight the growing cybersecurity challenges Pakistan facesas digital infrastructures expand and threat actors become more advanced.