Presenting at the recently held EXITO Cyber Security Summit 2026 in Johannesburg, Kaspersky shared a review of the current cyber threat landscape in the country and on the continent. According to Kaspersky telemetry, for 2025, spyware, which is a type of malicious software installed on users’ devices to collect their data, showed the biggest year-over-year growth in detections among different analysed malware types in South Africa: the number of spyware attacks increased by 117%. Password stealers, designed to gather users’ account information, grew in the number of attacks by 116% times more often compared with the previous year.
Exploit attacks were detected 20% more often in South Africa. These are programs designed by cyber attackers to take advantage of vulnerabilities in an application or operating system to gain unauthorised access to it and to cause unintended behaviour to occur on software. Ransomware, though very targeted in distribution, remains a high-risk threat for organisations, who should also guard themselves from supply chain and trusted relationship attacks.
The number of backdoor attacks in the country grew by 63% year-over-year. Backdoors allow remote administration of a victim’s machine, including managing files and harvesting data from the computer.
Overall, Kaspersky security tools blocked more than 13 million online attack attempts on users in South Africa in 2025. Online threats typically include different types of malware attacks, such as for example, password stealers, exploits, spyware, etc. Another 20 million on-device threats were blocked, including malware delivered via infected USB drives.
“While INTERPOL-led actions like Serengeti, to which Kaspersky contributed by sharing its threat intelligence data and indicators of compromise, help to combat cybercrime across the African continent, both organisations and individuals in the region should take proactive action, primarily by staying aware of the current threats they may face and maintain strong cybersecurity hygiene. Cybersecurity solutions like Kaspersky Next for organisations and Kaspersky Premium for individuals can also significantly help reduce cybersecurity risks,” said Robert Swanepoel, Technical Expert for the Sub-Saharan region at Kaspersky.
Malware often reaches a device through phishing messages and websites employing social engineering techniques. If an operating system, browser, or application is outdated, attackers may exploit security flaws to install malware. To significantly reduce the risk of infections with malware, Kaspersky experts advise individuals and organisations to follow these best practices:
- Be cautious with links and attachments received – verify the sender before opening files or clicking links.
- Download software only from official sources.
- Install updates for systems and applications as soon as they become available.
- Use strong, unique passwords and enable multi-factor authentication wherever possible.
- Install reputable security software that can detect malware before it compromises the system.
- Regularly back up important data.
- Staying informed about current cyber threats and maintaining good digital hygiene helps keep devices and data safe.
