From January to June 2025, Kaspersky enterprise solutions blocked more than 96,530
spyware attacks targeting organisations in Malaysia – a 124% surge compared to 43,056
incidents in the same period last year. This jump places Malaysia among the top three
countries in Southeast Asia with the steepest rise in spyware threats, second only to
Singapore.
The surge coincides with Malaysia’s rapid economic modernisation, where the digital sector
is expected to contribute 25% of GDP in 2025 and rise to 30% by 2030. As corporations
across finance, logistics, manufacturing and government-linked sectors embrace new
technologies and digital operations, cybercriminals are keeping pace and evolving their
tactics to steal critical business data.
The global cybersecurity company notes that the stark rise in targeted spyware attacks is a
wake-up call for Malaysian businesses to reassess their data protection measures.
Spyware is a type of software that is secretly installed on a user’s computer to collect their
data. Unlike malware, spyware typically does not harm the operating system or programs
and files. It runs on the device to monitor activity (e.g., keylogging, screen captures). It can be
installed via online means, but its surveillance happens locally.
Step by step, spyware takes the following actions on your computer or mobile device:
- Infiltrate — via an app install package, malicious website, or file attachment.
- Monitor and capture data — via keystrokes, screen captures, and other tracking codes.
- Send stolen data — to the spyware author, to be used directly or sold to other parties.
In short, spyware communicates personal, confidential information about you to an
attacker.
The information gathered might concern your online browsing habits or purchases,
but spyware code can also be modified to record more specific activities.
Data compromised by spyware often includes confidential information such as:
- Login credentials — passwords and usernames
- Account PINs
- Credit card numbers
- Monitored keyboard strokes
- Tracked browsing habits
- Harvested email addresses
Recent years have also witnessed the emergence of commercial spyware, a form of
“legal malware” sold to governments and law enforcement, which has become an urgent
threat to organisations around the globe.
Commercial spyware functions like malware developed by private firms, designed to secretly
monitor devices by stealing messages, eavesdropping on calls, tracking locations, and
removing traces of its presence. Installation often exploits zero-click vulnerabilities, meaning
victims don’t even need to click anything for infection to happen.
Pegasus is among the most infamous spyware. It is known for zero-click infections via
iMessage, WhatsApp, and other platforms and is capable of full device surveillance, including
messages, calls, and location. In 2024, Kaspersky’s Global Research and Analysis Team
(GReAT) created a lightweight technique to spot traces of advanced iOS spyware like
Pegasus, Reign, and Predator by examining Shutdown.log, a forensic trail that had gone
largely unnoticed at that time.
“Malaysia’s ambition to become a regional hub for AI, cloud and hyperscale data-centre
development, supported by RM169.2 billion in investments from global players, has made
the country an increasingly attractive target for spyware attackers. The massive flow of data
generated across these sectors is exactly what cybercriminals seek to steal, whether for
profit, surveillance or competitive advantage,” said Simon Tung, General Manager for
ASEAN and Asia Emerging Countries (AEC) at Kaspersky.
“As the country moves closer to having a quarter of its GDP driven by the digital sector by
2030, the incentive for attackers to infiltrate local corporations will only continue to grow. Our
research shows that spyware campaigns now exploit both cutting-edge technologies and
outdated, unpatched systems, indicating that threat actors are rapidly refining their methods.
This is where threat intelligence becomes essential, giving Malaysian organisations the
visibility and insights they need to make informed security decisions and protect their
businesses”, he added.
Ensuring full protection against attacks using spyware is generally challenging. However,
organisations can at least make life harder for potential attackers. Kaspersky suggests the
following recommendations:
- Regularly update the software on all your devices. First and foremost: operating systems, browsers, and messaging apps
- Do not click on suspicious links — one visit to a site may be enough to infect your device
- Use a VPN to mask your internet traffic — this will protect you from being redirected to a malicious site while browsing HTTP pages
- Reboot regularly. Often, spyware can’t persist in an infected system indefinitely, so rebooting helps get rid of it
- Install a reliable security solution on all your devices
- Use the latest Threat Intelligence information to stay aware of the actual Tactics, Techniques, and Procedures (TTPs) used by threat actors.

