Check Point Report: Global Malware Landscape Heats Up

Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a global leader in AI-powered cloud cybersecurity, has released its Global Threat Index for June 2025, revealing a significant surge in sophisticated cyber threats.

The report uncovers the increasing use of remote access tools like AsyncRAT, which has now entered the top 3 malware globally, leveraging Discord invite links to deploy malicious payloads. Meanwhile, FakeUpdates continues to dominate as the world’s most widespread malware.

Ransomware groups, especially Qilin, have intensified attacks on critical sectors such as healthcare and education, prompting renewed calls for proactive cybersecurity strategies.

Africa in the Crosshairs: Nigeria and Seven Others Among Top 20 Most Attacked

According to Check Point’s survey of 109 countries:

  • Ethiopia ranks 1st globally for cyber threat exposure.
  • Nigeria maintains the 5th position with a Normalized Risk Index (NRI) of 77.6%.
  • Mauritius (7th), Mozambique (10th), Zimbabwe (11th), Uganda (12th), Angola (17th), and Kenya (19th) also appear in the Top 20.
  • South Africa moved to 51st position (NRI: 44.8%).

“As cybercriminals grow more sophisticated, African nations remain high-risk targets. This calls for multi-layered cybersecurity, real-time threat detection, and AI-driven protections,” said Lionel Dartnall, Country Manager, SADC, Check Point Software.

Top Malware Threats in June 2025

1. FakeUpdates

  • Most prevalent globally (4% of organizations affected)
  • Delivered through drive-by downloads
  • Associated with Evil Corp hacking group

2. Androxgh0st

  • Python-based malware targeting Laravel PHP-based applications
  • Steals sensitive credentials from .env files

3. AsyncRAT

  • Remote Access Trojan exploiting Discord
  • Enables full remote control of infected devices

Leading Ransomware Groups

1. Qilin (Agenda)

  • Accounts for 17% of global ransomware attacks
  • Targets large-scale enterprises in healthcare & education

2. SafePay

  • Employs double-extortion tactics
  • Impacts businesses of all sizes

3. Akira

  • Exploits VPN vulnerabilities
  • Encrypts files with “.akira” extension

Most Widespread Mobile Malware

1. Anubis

  • Steals banking credentials and bypasses MFA
  • Hidden in malicious Google Play apps

2. AhMyth

  • Android RAT disguised as legitimate apps
  • Enables keylogging and data exfiltration

3. Necro

  • Executes malicious commands and hijacks Android devices for botnet activity

Most Targeted Industries in June 2025

  1. Education – Vulnerable due to wide user bases and digital infrastructure gaps
  2. Government – High-value target for data theft and surveillance
  3. Telecommunications – At risk due to the volume of sensitive data handled

“The increasing use of platforms like Discord for malware delivery and the growth of ransomware-as-a-service groups like Qilin show how dynamic and dangerous today’s cyber environment has become,” said Lotem Finkelstein, Director of Threat Intelligence at Check Point.

What Organisations Must Do

  • Adopt AI-powered threat intelligence tools
  • Invest in endpoint detection and response (EDR)
  • Train staff on phishing and social engineering risks
  • Apply multi-factor authentication (MFA) and data encryption
