APAC Cybersecurity Intelligence Report – January 2025

Understanding the Evolving Threat Landscape in APAC

As cyber threats continue to evolve in complexity, businesses and organizations across the Asia-Pacific (APAC) region must stay vigilant. The latest APAC Intelligence Report – January 2025 provides key insights into emerging cyber risks, including the rise of ransomware-as-a-service (RaaS), social engineering scams, and increasing phishing attacks targeting financial institutions.

Threat Landscape Overview

A comparative analysis of December 2024 to January 2025 reveals the following:

  • DDoS and Hacktivism Attacks: 22% of reported incidents
  • Compromised Accounts: 40% increase
  • Ransomware Activities: 70% surge, making it the dominant threat
  • Compromised Bank Cards: 13% of total threats reported

These findings indicate a worrying trend in cybercriminal activities targeting both individuals and enterprises​.

Global Trends

1. Lynx Ransomware-as-a-Service (RaaS) Expansion

The Lynx RaaS group has emerged as a highly structured cybercrime syndicate. Their affiliate-based model, sophisticated encryption techniques, and multi-platform ransomware arsenal enable widespread attacks. The report highlights how their criminal ecosystem operates through encrypted communication channels and underground marketplaces​.

2. Real Estate Scams Targeting Expatriates

A concerning rise in real estate fraud has been observed, particularly targeting expatriates relocating to the Middle East. Scammers use fake property listings on legitimate platforms before switching negotiations to WhatsApp or Telegram. Victims who transfer money find themselves defrauded, with their funds quickly funneled through mule accounts​.

  • Average financial loss per victim: $3,064
  • Estimated total losses: Millions annually

These scams have expanded to APAC, requiring increased vigilance from potential property buyers.

Regional Trends: APAC & ANZ

1. Surge in Phishing Attacks on Indonesian Banks

  • A significant rise in targeted phishing campaigns has been observed in Indonesia.
  • Financial institutions are facing an increasing number of fraud attempts, primarily aimed at credential theft.

2. Social Engineering Schemes

  • Fraudsters exploit public trust by impersonating government officials and using remote access software to steal financial credentials.
  • This fake refund scam, initially prominent in the Middle East, is now impacting APAC and ANZ.

3. Government Cyber-Attacks by ShadowSilk

  • A coordinated cyber-espionage campaign by the ShadowSilk group has been detected across CIS and APAC governments.
  • Attacks trace back to 2023, with evidence of persistent breaches into classified systems​.

Key Takeaways & Recommendations

The January 2025 APAC Cyber Intelligence Report underscores the evolving ransomware landscape, financial fraud trends, and state-sponsored cyber-espionage. Businesses must adopt a multi-layered cybersecurity approach, including:

Enhanced Phishing Awareness Training for employees
Real-Time Monitoring to detect and respond to ransomware threats
Multi-Factor Authentication (MFA) for stronger access control
Regular Security Audits to identify and mitigate vulnerabilities

Stay Informed & Secure
For more details, visit Group-IB’s Threat Intelligence Platform

Leave a comment

Hey, so you decided to leave a comment! That's great. Just fill in the required fields and hit submit. Note that your comment will need to be reviewed before its published.