In the new Kaspersky Security Bulletin report on crimeware and financial cyberthreats, company’s experts from the Global Research and Analysis Team (GReAT) shared their vision for the financial cybersecurity landscape evolution in 2025. One of the trends indicated in the report is that as the number of attacks with traditional banking or financial malware for PCs decreases, financial cyberthreats for smartphones rise. In 2024, according to anonymized Kaspersky telemetry, the number of users affected by mobile financial threats increased twofold (102%) globally compared to 2023. This trend is expected to continue in 2025.
The Kaspersky Security Bulletin is an annual series of end-of-year predictions and analytical reports on key developments within the cybersecurity world. Last year, most of Kaspersky experts’ predictions for the evolution of crimeware & financial cyberthreats in 2024 turned out to be true. These included an increase in AI-powered cyberattacks, a surge in fraudulent schemes targeting direct payment systems, a rise in open-sourced backdoored packages, more sophisticated ransomware techniques, and others.
In 2025, more advancements in ransomware techniques are anticipated. First, ransomware will covertly manipulate or introduce erroneous data into databases, rather than merely encrypting data. Even if decrypted, this “data poisoning” technique casts doubt on the accuracy of a business’s complete dataset. Second, advanced ransomware organizations will start using post-quantum cryptography as quantum computing develops. The encryption techniques used by this “quantum-proof” ransomware are designed to withstand decryption attempts from both classical and quantum computers, making it nearly impossible for victims to decrypt their data. Third, ransomware-as-a-service is projected to grow: less experienced actors will be able to launch sophisticated attacks with kits as inexpensive as $40, increasing the number of occurrences.
A surge in attacks based on stolen information is also expected in 2025. Popular stealers, such as Lumma, Vidar, Redline and others will withstand the pressure from law enforcement, will adapt and adopt new techniques. New players will appear, and all stolen information will be put to use.
Other important predictions include:
- Attacks against Central Banks and Open Banking initiatives. These will be attacks on instant payment systems run by central banks, and as a result cybercriminals may get access to sensitive data.
- Increase in supply-chain attacks on open-source projects. Following the XZ backdoor incident, the open-source community is likely to uncover both new attack attempts and backdoors that have been previously successfully implanted.
- More AI and machine learning on the defense side. We will see AI increasingly adopted in cyber defense to accelerate anomaly detection, reduce analysis time through predictive capabilities, automate response actions, and strengthen policies to counter emerging threats.
- Appearance of new blockchain-based threats. Newblockchain protocols will emerge due to the need for a secure and private network based on blockchain and peer-to-peer technology. As a result, new malware developed using these obscure protocols will be distributed and utilized with various purposes.
“In 2025 and beyond, resilience against financial cyberthreats will demand robust security measures from both individual users and businesses. The best defense will combine threat intelligence, predictive analytics, continuous monitoring, and a zero-trust mindset to safeguard critical data and operations from sophisticated attackers. It is also important to organize regular cyber-training programs for employees and warn them about potential cyberthreats, as uninformed staff are among the most common initial attack vectors that can lead to serious financial losses for an organization,” comments Fabio Assolini, head of the Latin American unit of the Global Research and Analysis Team (GReAT) at Kaspersky.
Read the full Kaspersky Security Bulletin: crimeware and financial cyberthreats in 2025 report to find out how accurate our predictions for 2024 turned out to be, along with a full list of predictions for 2025 on Securelist.com.
Follow this link to explore KSB pieces from previous years.
About the Global Research & Analysis Team
Established in 2008, the Global Research & Analysis Team (GReAT) operates at the very heart of Kaspersky, uncovering APTs, cyber-espionage campaigns, major malware, ransomware, and underground cyber-criminal trends across the world. Today GReAT consists of 40+ experts working globally – in Europe, Russia, Latin America, Asia, Middle East. Talented security professionals provide company leadership in anti-malware research and innovation, bringing unrivaled expertise, passion and curiosity to the discovery and analysis of cyberthreats.
