
Pakistan faced more than 5.3 million cyberattacks in the first three quarters of 2025, according to Kaspersky. Twenty-seven percent of users and 24 percent of companies experienced malware attacks and device-related threats. The attacks included phishing, ransomware, botnets, and fake Wi-Fi, targeting both individuals and organizations across the country.
Authorities blocked over 2.5 million web-based attacks and 354,000 exploit attempts, while 166,000 banking malware attacks and 126,000 spyware incidents were also prevented. Hackers exploited software weaknesses in WinRAR, Office, and VLC to target high-value systems. The report highlighted that outdated systems and poor cyber hygiene made users more vulnerable to attacks.
Read more: Pakistani cyberattack hits major indian sites, sensitive data leaked
Seven advanced persistent threat (APT) groups, including “Mysterious Elephant,” launched targeted campaigns against sensitive institutions. They used advanced methods to steal confidential data and hack WhatsApp and private documents. The groups aimed at high-value targets, while ordinary users also faced rising malware threats and phishing scams.
Kaspersky advised users to update software regularly and adopt basic cybersecurity practices. Authorities urged secure networks, careful use of links, and antivirus software to protect devices. Businesses and individuals were encouraged to monitor networks and stay alert to emerging cyber threats to prevent potential losses.
Read more: Six countries allegedly teamed up with Pakistan in cyber attacks
Experts warned that Pakistan must strengthen cybersecurity awareness and protocols nationwide. Collaboration between government, companies, and citizens is essential to curb rising attacks. Without action, the country remains highly exposed, leaving both personal and organizational data at serious risk.