advertisement
Kaspersky Warns Of Data-Stealing Malware In Kenya
According to Kaspersky telemetry, in 2025, password stealers and spyware attacks showed the biggest year-over-year growth in Kenya among different analysed malware types. Password stealers, designed to secretly gather users’ account information, grew in the number of attacks by 83 percent compared with the previous year. Spyware, which is a type of malicious software installed on users’ devices to collect their data, also increased in the number of attacks by 83 percent.
Exploit attacks decreased in Kenya, however remain an acute threat that should not be underestimated. These are programs designed by cyber attackers to take advantage of vulnerabilities in an application or operating system to gain unauthorised access to it and to cause unintended behaviour to occur on software. Ransomware, though very targeted in distribution, remains a high-risk threat for organisations, who should also guard themselves from supply chain and trusted relationship attacks.
The number of backdoor attacks in the country grew by 25 per cent year-over-year. Backdoors allow remote administration of a victim’s machine, including managing files and harvesting data from the computer.
advertisement
Overall, Kaspersky security tools blocked more than 11,3 million online attack attempts on users in Kenya in 2025. Online threats typically include different types of malware attacks, such as for example, password stealers, exploits, spyware, etc. Another 18,4 million on-device threats were blocked in the country, including malware delivered via infected USB drives.
“Operations coordinated by INTERPOL, such as Serengeti to which Kaspersky has contributed, demonstrate how international cooperation and threat intelligence sharing can strengthen the fight against cybercrime across Africa. At the same time, both organisations and individual users in the region play an important role in improving cybersecurity by staying informed about evolving threats and practicing good cyber hygiene. Dedicated security solutions, including Kaspersky Next for organisations and Kaspersky Premium for individuals, can further help reduce exposure to cyber risks,” said Moses Munguti, Technical Expert & Team Lead in Africa at Kaspersky.
Malware often reaches devices through phishing emails, messages, or malicious websites that rely on social engineering to trick users into clicking harmful links or downloading infected files. Attackers can also exploit vulnerabilities in outdated operating systems, browsers, or applications to install malicious software without the user’s knowledge. To reduce the risk of infection, individuals and organisations should exercise caution when handling links and attachments, always verifying the sender before opening files or clicking on unfamiliar links. Software should only be downloaded from official and trusted sources, and systems and applications should be updated promptly whenever security patches become available.
advertisement
Strong cybersecurity practices are equally important in protecting devices and data. Using strong, unique passwords for different accounts and enabling multi factor authentication wherever possible adds an additional layer of protection against unauthorized access. Installing reputable security software can help detect and block malware before it compromises a system, while regularly backing up important data ensures that information can be recovered if an attack occurs. Staying informed about emerging cyber threats and maintaining good digital hygiene are essential habits that help safeguard both personal and organisational systems.