The ESET Threat Report H1 2025 is your go-to guide for the current state of cybersecurity. Put together by ESET Research, it pulls in threat data from its telemetry network spanning over 200 countries and teams up with international law enforcement. The goal? Spot emerging trends, flag the hottest attack vectors, and deliver actionable intel to help businesses and regular users—especially small and midsize companies—bolster their defenses.
1. Report Goals
-
Emerging cyberthreat trends
-
Active attack vectors
-
Actionable intelligence
-
Education and prevention, particularly in vulnerable sectors
2. Global Threat Landscape
-
Ransomware: Over 5,100 attacks spotted in six months across 96 active groups. Incidents rose 15%, but ransom payouts fell 35%—either defenses got tougher or victims are less willing to pay.
-
Infostealers: ESET helped take down Lumma Stealer and Danabot, whose operations had spiked by 21% and 52%, respectively.
3. Emerging Techniques
-
ClickFix (↑ 517%): Fake system-error pop-ups and CAPTCHA pages that trick users into running malicious commands on Windows, Linux, and macOS.
-
Phishing (20% in Spain): Still the top attack vector.
-
Android Adware (↑ 160%): Kaleidoscope leads the pack by pushing cloned apps.
-
NFC Frauds (×35): Schemes like NGate, GhostTap, and SuperCard swipe funds from ATMs and digital wallets.
4. Spotlight on Spain
-
Second worldwide in threat volume (just behind Japan)
-
SMBs are the prime ransomware targets
-
SnakeStealer accounts for 20–33% of Spain’s infostealer detections
-
Phishing tops the alerts (20%)
-
ClickFix is now the second-most common vector (↑ 517%)
-
Old Microsoft Office vulnerabilities persist, showing patch gaps
-
Mobile adware and crypto scams are on the rise
In the July 1 webinar, Josep Albors warned:
“Spanish SMBs are being systematically targeted, facing serious financial and reputational fallout.”
Keeping up with these key trends is crucial for maintaining a strong, resilient security posture.
