APAC Intelligence Report – February 2025

Executive Summary and Key Insights

The report is based on data collected from February 1, 2025, to March 1, 2025.

Threat Landscape Overview

  • DDoS & Hacktivism Attacks: 20.6%
  • Compromised Accounts: 62%
  • Ransomware Activities: 14.5%
  • Compromised Bank Cards: 18.2%

Comparison: Data trends indicate shifts in cyber threats from January 2025 to February 2025.


Global Trends

High-Tech Crime Trends Report 2025

Group-IB’s latest High-Tech Crime Trends Report 2025 provides a comprehensive analysis of how global events continue to shape regional and local cyber threats. The report highlights:

  • State-sponsored espionage, ransomware, underground marketplaces, and AI-driven cybercrime are interconnected, creating a self-sustaining cycle of digital threats.
  • The rise of AI-powered automation in cybercrime, particularly in card testing attacks, where fraudsters use automation to verify stolen credit card details.


Regional Trends: APAC and ANZ

Major Cybercrime Events

  1. Cybercriminal Arrest Following Joint Operation by Royal Thai Police and Singapore Police Force
    • A Group-IB-led investigation resulted in the arrest of a cybercriminal responsible for over 90 global data leaks.
  2. Vietnam’s Financial Sector Targeted by KamiKakaBot
    • Group-IB specialists uncovered a malicious campaign using the KamiKakaBot malware, linked to APT Dark Pink.
    • Attackers used a malicious LNK file instead of traditional DLL sideloading, infecting victims who opened the file.
  3. Malaysia’s Government Institutions Under Attack
    • Threat actors HIZBULLAH CYB3R and RipperSec have been leaking sensitive data from Malaysian government institutions and private companies.
  4. Ransomware Attacks Continue in India
    • The KillSec ransomware group has persisted in launching cyberattacks targeting Indian companies.
  5. RansomHub’s Growing Influence
    • Group-IB’s investigation into RansomHub, an emerging Ransomware-as-a-Service (RaaS) group, reveals that modern ransomware gangs are evolving by exploiting unpatched vulnerabilities, utilizing automation, and implementing advanced reconnaissance techniques.

For more details, visit Group-IB Threat Intelligence.


DDoS and Hacktivism in APAC

Hacktivist groups have continued their Distributed Denial-of-Service (DDoS) attacks, defacements, and data breaches across the APAC region. The top affected countries include:

  • India (38 attacks)
  • Malaysia (20 attacks)
  • Thailand (11 attacks)
  • Indonesia (9 attacks)
  • Australia (4 attacks)
  • Singapore (4 attacks)
  • Bangladesh (5 attacks)

Ransomware Activities

Ransomware remains a dominant threat in the APAC region. The most active ransomware groups in February 2025 include:

  • Space Bears
  • Lynx
  • APT73
  • RansomHub
  • KillSec

The most targeted countries were Malaysia, Australia, India, Singapore, and Japan.


Compromised Data & Bank Cards

Key Trends: February 2025

  • Data breaches continue to rise in APAC, with India, Vietnam, and Thailand being the most affected.
  • Popular malware tools used by cybercriminals include RedLine Stealer, LummaC2, and Raccoon.
  • Compromised bank cards have slightly increased, particularly in Australia, Malaysia, and Singapore.
  • Phishing remains a major attack vector, emphasizing the need for organizations to strengthen their anti-phishing defenses.

Cybersecurity Recommendations

To mitigate risks in the evolving cyber threat landscape, Group-IB recommends:

  • Enhancing security awareness training to help employees recognize phishing and social engineering attacks.
  • Strengthening IT infrastructure with the latest security patches and multi-factor authentication (MFA).
  • Conducting regular security audits to identify and address potential vulnerabilities.
  • Deploying advanced threat detection tools such as Intrusion Detection Systems (IDS) and Endpoint Detection & Response (EDR).
  • Developing an incident response plan to mitigate cyber threats effectively.
  • Leveraging threat intelligence services to stay ahead of emerging cyber threats.


Conclusion

The APAC Intelligence Report – February 2025 highlights critical cybersecurity threats affecting the region. As cybercriminal tactics evolve, proactive cybersecurity measures and intelligence-driven security strategies remain essential for protecting organizations from financial and reputational damage.

For more cybersecurity insights, visit Group-IB Blog.
