{"id":4952,"date":"2026-05-22T15:10:49","date_gmt":"2026-05-22T10:10:49","guid":{"rendered":"https:\/\/spinpk.com\/?p=4952"},"modified":"2026-05-22T15:10:49","modified_gmt":"2026-05-22T10:10:49","slug":"asia-pacific-among-hardest-hit-by-ransomware-attacks-in-2025-kaspersky-report","status":"publish","type":"post","link":"https:\/\/spinpk.com\/index.php\/2026\/05\/22\/asia-pacific-among-hardest-hit-by-ransomware-attacks-in-2025-kaspersky-report\/","title":{"rendered":"Asia-Pacific Among Hardest Hit by Ransomware Attacks in 2025: Kaspersky Report"},"content":{"rendered":"
\n
\n \t<\/i> Read Time:<\/span>3 Minute, 23 Second <\/div>\n\n <\/div>

Kaspersky shares a report with an overview of ransomware trends that marked 2025 and insights into what the threat landscape holds in 2026. According to Kaspersky Security Network, in 2025 Latin America had the highest share of organizations with ransomware attacks detected (8.13%), followed by the Asia-Pacific region (7.89%), Africa (7.62%), Middle East (7.27%), the Commonwealth of Independent States (CIS, 5.91%) and Europe (3.82%). The report highlights the rise of \u201cencryption-less\u201d extortion attacks, the use of post-quantum cryptography by ransomware groups, and the persistent use of Telegram channels by cybercriminals to distribute compromised data sets and credentials.<\/p>\n

Despite a slight decline in the overall share of organizations attacked by ransomware in 2025 compared to 2024, users remain at significant risk as attackers industrialize their operations, automate intrusion methods, and increasingly focus on stealing and leaking sensitive data rather than simply encrypting systems.<\/p>\n

One of the trends in 2025 is the continued rise of endpoint detection and response (EDR) \u201ckillers\u201d \u2013 tools specifically designed to disable endpoint security solutions before executing the malware itself. EDR killers have become a standard component of attacks, which means more deliberate and methodical intrusions.<\/p>\n

Researchers also noted the emergence of ransomware families adopting post-quantum cryptography standards \u2013 this was predicted by Kaspersky previously.
\nThe role of Initial Access Brokers (IABs) \u2013 cybercriminal intermediaries that sell pre-compromised corporate access through underground forums and messaging platforms \u2013 is growing. RDWeb portals (websites through which devices can be controlled remotely) are increasingly targeted as ransomware groups continue to industrialize attacks through \u201cAccess-as-a-Service\u201d operations. As a result, the barrier to launching ransomware attacks declines.<\/p>\n

Telegram channels and dark web forums continuously function as platforms for the distribution and for the sale of compromised data sets and accesses including those that were obtained as a result of ransomware attacks. A major underground forum, RAMP, which also functioned as a platform through which threat actors advertised their ransomware services and published service\u2011related updates, got seized by authorities in January\u202f2026. Another underground forum, LeakBase, where malicious actors distributed exfiltrated and compromised data, was seized in March 2026..<\/p>\n

Among the most active ransomware groups in 2025 based on data leak sites, Kaspersky identified Qilin as the dominant ransomware-as-a-service (RaaS) operator following RansomHub\u2019s seizure of operations. Clop ranked as the second most active group, with Akira in the third place.<\/p>\n

While several major ransomware groups stopped operation in 2025, new actors emerge. Looking at 2026, the Gentlemen is one of the most important new ransomware actors due to the group\u2019s rapid growth, structured operations, and increasing focus on data-centric extortion. The group may include attackers formerly associated with other major ransomware operations.<\/p>\n

\u201c Ransomware has evolved into a highly organized ecosystem focused on monetizing stolen data, disabling defenses, and scaling attacks with business-like efficiency. Threat actors are quickly adapting, weaponizing legitimate tools, exploiting remote access infrastructure, and even adopting post-quantum cryptography years earlier than many expected. The purpose of Anti-Ransomware Day is to raise global awareness about the threats posed by ransomware and to promote best practices for prevention and response, and we urge all users to stay secure, set up layered defenses, invest in backups and boost cyberliteracy levels to counter attacks,\u201d comments Fabio Assolini, Lead Security Researcher at Kaspersky GReAT.<\/p>\n

Kaspersky encourages organizations to follow the best practices to safeguard from ransomware. Enable ransomware protection for all endpoints. There is a free Kaspersky Anti-Ransomware Tool for Business that shields computers and servers from ransomware and other types of malware, prevents exploits and is compatible with already installed security solutions.<\/p>\n

Always keep software updated on all the devices you. Companies from non-industrial sector can protect themselves by installing anti-APT and EDR solutions that enable capabilities for advanced threat discovery and detection, investigation and timely remediation of incidents. Organizations can also provide their SOC teams with access to the latest threat intelligence and regularly upskill them with professional training. All of the above is available within Kaspersky Next.<\/p>\n

\n
\n \n
\n \n \"Happy\"\n <\/a>\n
\n Happy <\/div>\n
\n 0<\/span>\n \n 0<\/span> %<\/span>\n <\/div>\n <\/div>\n\n
\n \n \"Sad\"\n <\/a>\n
\n Sad <\/div>\n
\n 0<\/span>\n 0<\/span> %<\/span>\n <\/div>\n <\/div>\n\n
\n \n \"Excited\"\n <\/a>\n
\n Excited <\/div>\n
\n 0<\/span>\n 0<\/span> %<\/span>\n <\/div>\n <\/div>\n\n
\n \n \"Sleepy\"\n <\/a>\n
\n Sleepy <\/div>\n
\n 0<\/span>\n \n 0<\/span> %<\/span>\n <\/div>\n <\/div>\n\n
\n \n \"Angry\"\n <\/a>\n
Angry<\/div>\n
\n 0<\/span>\n 0<\/span> %<\/span>\n \n <\/div>\n <\/div>\n\n
\n \n \"Surprise\"\n <\/a>\n
Surprise<\/div>\n
\n 0<\/span>\n 0<\/span> %<\/span>\n <\/div>\n <\/div>\n\n <\/div>\n <\/div>\n\n ","protected":false},"excerpt":{"rendered":"

Kaspersky shares a report with an overview of ransomware trends that marked 2025 and insights into what the threat landscape holds in 2026. According to Kaspersky Security Network, in 2025 Latin America had the highest share of organizations with ransomware attacks detected (8.13%), followed by the Asia-Pacific region (7.89%), Africa (7.62%), Middle East (7.27%), the […]<\/p>\n","protected":false},"author":1,"featured_media":4953,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[10],"tags":[129],"class_list":["post-4952","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tech-and-telecom","tag-kaspersky"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/spinpk.com\/index.php\/wp-json\/wp\/v2\/posts\/4952"}],"collection":[{"href":"https:\/\/spinpk.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/spinpk.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/spinpk.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/spinpk.com\/index.php\/wp-json\/wp\/v2\/comments?post=4952"}],"version-history":[{"count":1,"href":"https:\/\/spinpk.com\/index.php\/wp-json\/wp\/v2\/posts\/4952\/revisions"}],"predecessor-version":[{"id":4954,"href":"https:\/\/spinpk.com\/index.php\/wp-json\/wp\/v2\/posts\/4952\/revisions\/4954"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/spinpk.com\/index.php\/wp-json\/wp\/v2\/media\/4953"}],"wp:attachment":[{"href":"https:\/\/spinpk.com\/index.php\/wp-json\/wp\/v2\/media?parent=4952"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/spinpk.com\/index.php\/wp-json\/wp\/v2\/categories?post=4952"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/spinpk.com\/index.php\/wp-json\/wp\/v2\/tags?post=4952"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}