Kaspersky predicts the growth of mobile financial cyber threats in 2025

In the report Kaspersky Security Bulletin: Criminal software and financial cyber threats in 2025, the company’s experts shared their vision of the evolution of cyber security in the financial sector in 2025.

One of the trends highlighted in the report is that while the number of traditional banking or financial malware attacks on personal computers is declining, cyber threats to smartphones are on the rise. In 2024, according to the company’s anonymized telemetry, the number of users affected by mobile financial threats doubled (102%) globally compared to 2023. It is expected that this trend will continue in 2025.

Kaspersky Security Bulletin is an annual series of forecasts and analytical reports on key developments in the world of cyber security. Predictions made last year by Kaspersky experts about the evolution of criminal software and financial cyber threats in 2024 have been confirmed. During this year, there has been an increase in the number of cyber attacks supported by artificial intelligence, an increase in fraudulent activities aimed at direct payment systems, an increase in the number of open-source packages with backdoors, the emergence of even more sophisticated ransomware techniques, and more.

Further progress in ransomware techniques is expected in 2025. First, the ransomware will gain the ability to covertly manipulate or enter incorrect data into databases, instead of just encrypting the data. Even when decrypted, this “data pollution” technique calls into question the accuracy of a company’s entire data set. Second, how to quantum computing will developadvanced ransomware organizations will begin using post-quantum cryptography. The encryption techniques used by this “quantum-resistant” ransomware are designed to withstand decryption attempts by both classical and quantum computers, making it almost completely impossible for victims to decrypt their data. Third, “ransomware as a service” is predicted to grow: less experienced actors will be able to launch sophisticated attacks using packages that cost as little as $40, increasing the number of incidents.

An increase in attacks based on stolen information is also expected during 2025. Popular thieves like Lumma, Further, Redline and others will withstand pressure from law enforcement, adapt and adopt new techniques. New actors will emerge, and all stolen information will be used.

Other important forecasts include:

Attacks on central banks and open banking initiatives. These will be attacks on instant payment systems run by central banks, and as a result, cybercriminals could gain access to sensitive data.
Increasing attacks on supply chains in open-source projects. After incident with XZ backpackthe open-source community is expected to discover new attack attempts as well as backdoors that have been successfully implemented previously.
More artificial intelligence and machine learning on the defense side. Increasing adoption of artificial intelligence in cyber defense is expected to accelerate anomaly detectionreduced analysis time through prediction, automated responses and strengthened procedures to counter new threats.
The emergence of new threats based on blockchain technology. New blockchain protocols will emerge due to the need for a secure and private network based on blockchain and peer-to-peer technology. As a result, new malware developed using these unknown protocols will be distributed and used for various purposes.

“From 2025, resilience against financial cyber threats will require strong safeguards from both individual users and companies. The best defense will combine threat intelligence, predictive analytics, continuous monitoring, and the principle of total trust to protect critical data and operations from sophisticated attackers. It is also important to organize regular cyber-training programs for employees and warn them about potential cyber threats, because uninformed employees represent one of the most common initial attack vectors that can lead to serious financial losses for the organization. says Fabio Asolini, head of the Latin American unit of Kaspersky’s Global Research and Analytics Team (GReAT).

Read ceo Kaspersky Security Bulletin: Malware and Financial Cyber Threats in 2025 to find out how accurate our 2024 predictions were, as well as the full list of 2025 predictions at Securelist.com.