Current trend places Southeast Asian firms at growing risk, says expert
KUALA LUMPUR: Malaysia recorded a total of 194,692 cases of spyware attacks last year, ranking it the third behind the Philippines and Singapore in the Southeast Asia region.
Kaspersky Asean and Asia Emerging Countries general manager Simon Tung said the surge in spyware attacks is placing Southeast Asian businesses at greater risk.
Tung said in 2025, Kaspersky, a global cybersecurity and digital privacy company, foiled more than 800,000 spyware attacks targeting organisations in the region.
“A total of 818,939 attacks were blocked last year, 18% more than the detections in 2024.
“Our business solutions and data showed we are entering an era of threat actors looking beyond business disruption.
“We are seeing a rise in targeted intelligence gathering in Southeast Asia, turning corporate networks into rich hunting grounds for sensitive information,” Tung said in a statement.
He added that spyware is a type of software which is secretly installed on a user’s computer to collect their data.
“Spyware’s surveillance activity leaves users open to data breaches and misuse of private, confidential data. It also affects network and device performance, slowing down daily user activities.
“On a year-on-year (YoY) basis, Kaspersky monitored the highest surge in spyware attacks against organisations in Singapore (111%), followed by the Philippines (85%) and Malaysia (75%).
“Indonesia logged a 35% surge and Vietnam has an 8% YoY increase. Only Thailand witnessed a decline of 53%.”
In March 2025, Kaspersky uncovered Operation ForumTroll, a targeted cyberespionage campaign that exploited browser vulnerability to infiltrate organisations across media, government, education and finance, Tung said.
“Attackers used highly personalised phishing emails, disguised as invitations to the Primakov Readings forum, to gain initial access.
“Once inside, they deployed spyware tools such as LeetAgent and a more advanced variant known as Dante, both linked through shared infrastructure and techniques, pointing to a coordinated and well-resourced operation.”
He also said the campaign highlights how spyware underpins modern cyber-espionage by enabling attackers to covertly monitor systems, capture sensitive data and track internal communications over extended periods.
“Designed for stealth and persistence, the tools allow threat actors to build a detailed picture of organisational activity and extract high-value intelligence, reinforcing the growing role of advanced spyware in long-term, targeted intelligence gathering.
“Spyware is particularly dangerous for businesses in Southeast Asia because it operates silently, extracting what matters most: sensitive data, strategic insight and corporate intelligence.
“In today’s uncertain economic environment and complex geopolitical climate, the intelligence becomes even more valuable, allowing attackers to observe, collect and exploit information over time, turning a single infection into a sustained breach of trust, competitiveness and operational security.
“To counter this, organisations from the region need to move beyond traditional security, adopting intelligence-led, AI-powered solutions that are able detect and disrupt threats before data is compromised.”
Tung said to reduce the risks of malicious spyware attacks, Kaspersky experts recommend organisations to always keep software updated on all the devices they use to prevent attackers from infiltrating their network by exploiting vulnerabilities
