Kaspersky detected 467,000 malicious files daily in 2024 with Windows as primary target for cyberattacks

Islamabad: Kaspersky’s detection systems identified an average of 467,000 malicious files daily in 2024, reflecting a 14% rise compared to the previous year. Certain threat categories showed notable growth, with experts observing a 33% increase in Trojan detections compared to 2023. These insights, along with others, are detailed in the Kaspersky Security Bulletin (KSB), an annual report series examining key trends in the cybersecurity domain.

Windows remained the primary focus of cyberattacks, representing 93% of all malware-related data identified daily. Among the top three threats were malicious families spread through various scripts and Microsoft Office document formats, accounting for 6% of all daily detected malicious files.Kaspersky and Transworld Pakistan join hands to provide parents with cybersecurity solution for child safety

Kaspersky’s systems also recorded a 19% year-over-year increase in Windows malware from 2023 to 2024. Trojans, which are harmful programs masquerading as legitimate software, remained the most prevalent malware type, with a 33% surge during the same period. Additionally, the use of Trojan-droppers – software designed to secretly install other malware on a victim’s device – increased by 150%, or 2.5 times, compared to the previous year.

Cyber threats continue to grow year by year as adversaries develop increasingly sophisticated malware, techniques, and attack strategies targeting both individuals and organizations. This year was no different, with significant trends emerging, including attacks on trusted relationships, supply chains, and open-source packages (e.g., the XZ case). Massive phishing campaigns targeted social media users, banking malware surged, and AI tools were increasingly leveraged to create new malware and facilitate phishing attacks.

“In this dynamic cyber threat landscape, reliable security solutions are crucial. Kaspersky’s experts remain dedicated to addressing emerging and complex threats, ensuring a secure online experience for individuals and advanced cybersecurity solutions for organizations,” comments Vladimir Kuskov, Head of Anti-Malware Research at Kaspersky.

Recommendations for Individual Users

1. Avoid Untrusted Sources: Do not download or install applications from unverified sources.
2. Enable Two-Factor Authentication: Use 2FA whenever possible to enhance account security.
3. Use Strong Passwords: Create unique passwords combining upper- and lower-case letters, numbers, and punctuation. Use a trusted password manager to store and recall them.
4. Install Updates Promptly: Keep your software updated to address critical security vulnerabilities.
5. Deploy Reliable Security Solutions: Choose robust tools like Kaspersky Premium for comprehensive protection tailored to your devices.

Recommendations for Organizations

1. Maintain Updated Software: Regularly update software across all devices to prevent exploitation of vulnerabilities.
2. Restrict RDP Access: Avoid exposing remote desktop services to public networks unless absolutely necessary, and always use strong passwords.
3. Adopt Advanced Security Solutions: Implement tools like Kaspersky NEXT EDR Expert for complete endpoint visibility, automated threat detection, and response to advanced persistent threats (APTs).
4. Leverage Threat Intelligence: Stay informed about the latest tactics, techniques, and procedures (TTPs) used by cybercriminals.
5. Back Up Data: Regularly back up corporate data and ensure backups are isolated from the main network. Test accessibility to backups for emergency scenarios.

Key Findings and Data

These insights are derived from Kaspersky’s detections of malicious files between January and October and form part of the Kaspersky Security Bulletin (KSB) – an annual series providing predictions and analyses on critical cybersecurity trends.