ESET experts predict trends in cyber threats in 2025. In particular, this year is likely to see an increase in the number of fraudulent schemes using artificial intelligence and fake apps for mobile devices. In addition, new data theft programs and high activity of Russian cyber spies in Ukraine are expected.
Artificial intelligence as a tool in the hands of hackers
The number of spam and scams created by artificial intelligence will grow. Attackers can use GPTs to be more convincing when communicating with victims, for example, by impersonating the victim’s acquaintances in various scams. The number of fake accounts of public figures using deepfake technologies is also expected to increase.
“Content created by artificial intelligence can also be a lure for social media users as part of disinformation campaigns,” says Juraj Janosik, Head of Automated Systems and Intelligent Solutions at ESET.
According to him, in 2025, the number of fake accounts of celebrities and other public figures on social networks is also expected to increase, using deepfake videos and other content created by artificial intelligence to increase user trust.
Mobile devices are in the crosshairs
Malicious fake applications using PWA (a hybrid of a regular page and a mobile application) and WebAPK technologies are expected to increase. It is with the help of these technologies that attackers can bypass traditional security measures and install threats to steal bank credentials on victims’ devices.
In addition, the number of iOS threats and the activity of malicious programs that use the Flutter open source software development kit (SDK) will increase.
“Threats to iOS devices are expected to increase in 2025. Despite Apple’s strict App Store policy, which makes it difficult to spread malware, threats are also spreading through malicious websites, phishing, compromised email attachments, malicious ads on search engines, social networks, and apps,” said Lukasz Sztefanko, ESET Senior Malware Researcher.
However, Apple usually responds to new threats and updates its security mechanisms.
Cyber espionage and new threats to data theft
The espionage activities of Russian cybercriminal groups in Ukraine and partner countries will increase. VPNs are also expected to be used to conduct attacks and Chinese-linked groups will continue to target telecommunications companies.
“In 2025, cyberattacks will remain an aspect of armed conflicts and wars around the world. The Russian-Ukrainian war has seen a decline in sabotage operations in cyberspace and an increase in espionage activities. Cyber espionage activity is expected to continue both in Ukraine and in countries that support it, while sabotage cyber operations may be less common in the coming months,” , Jean-Yann Boutin, ESET’s Director of Threat Research, comments.
In addition, after the elimination of the dangerous RedLine Stealer program in 2025, other threats will increase in activity, spreading as part of the model of selling malicious tools from one attacker to another.
Improvements in ransomware
This year, ransomware is expected to evolve to disrupt detection and response (EDR) tools with the expansion of attack platforms. RansomHub will be the most active threat, replacing LockBit.
“In 2025, cybercriminals may improve this type of tool, making it more and more difficult to detect. This shows that security tools such as EDRs are an obstacle for attackers, and they will try to remove them or at least disable them,”– says Jakub Soucek, Senior Malware Researcher at ESET.
Remember, to avoid becoming a victim of insidious cybercrime schemes, you should follow basic rules, including using strong passwords and multi-factor authentication, taking care of Internet banking security, not clicking on links from unknown senders and not opening suspicious files, and ensuring reliable protection of home network devices.
