41% of Africans Targeted by On-Device Malware Threats in 2025 – Kaspersky Report
A recent cybersecurity report by Kaspersky, a global leader in digital security, reveals that 41% of African users were attacked by on-device malware threats in 2025, the highest rate globally. The report highlights a growing cyber threat landscape, with Africa leading other regions in on-device attacks.
Globally, 33% of users experienced on-device malware attacks, while other regions recorded the following:
- Asia-Pacific (APAC): 33%
- Middle East: 32%
- Latin America: 30%
- Europe: 20%
Understanding On-Device Malware Threats
On-device malware spreads through removable media such as USB drives, CDs, and DVDs. It can also infiltrate systems via encrypted files and complex software installers. Cybercriminals use these attacks to gain control over sensitive user information and target organisations.
Another major cyber threat is web-based malware, which affected 27% of users worldwide in 2025. In Africa, 21% of users faced web threats, compared with 26% in Latin America, 21% in Europe, and 19% in the Middle East.
Kaspersky also highlighted the resurgence of the Hacking Team, which now uses its commercial spyware, Dante, in the ForumTroll APT campaign, leveraging zero-day exploits in Chrome and Firefox browsers.
Rising Malware Trends in 2025
According to Alexander Liskin, Head of Threat Research at Kaspersky, vulnerabilities and stolen credentials remain primary attack vectors. He warns that failing to adopt robust cybersecurity strategies can result in months of downtime following attacks.
Key statistics from the 2025 report include:
- Average of 500,000 malicious files detected daily, a 7% YoY increase.
- Password stealer detections: +59% YoY
- Spyware detections: +51% YoY
- Backdoor detections: +6% YoY
Windows remains the most targeted platform, with 48% of users affected, while 29% of Mac users faced malware attacks.
Protective Measures for Individuals and Organisations
Kaspersky recommends the following to mitigate malware risks:
For Individuals:
- Avoid apps from untrusted sources.
- Refrain from clicking suspicious links or ads.
- Enable two-factor authentication (2FA).
- Use strong, unique passwords and password managers.
- Install system and software updates promptly.
- Never disable security software.
For Organisations:
- Regularly back up corporate data offline.
- Keep all devices updated with the latest software patches.
- Limit exposure of remote desktop services; use strong passwords.
- Conduct cybersecurity training for staff.
With cyber threats continuing to rise, adopting these strategies is essential for protecting personal data, financial assets, and corporate information.
