ISLAMABAD: A global cybersecurity company warned on Friday that the cybercriminals are selling compromised data and credentials of citizens through platforms of telegram channels and dark web forums, pointing towards immediate precautionary measures for users.
Kaspersky shares a new report with an overview of ransomware trends that marked 2025 and insights into what the threat landscape holds in 2026. According to Kaspersky Security Network, in 2025 Latin America had the highest share of organizations with ransomware attacks detected (8.13pc), followed by the Asia-Pacific region (7.89pc), Africa (7.62pc), Middle East (7.27pc), the Commonwealth of Independent States (CIS, 5.91pc) and Europe (3.82pc).
The report highlighted the rise of “encryption-less” extortion attacks, the use of post-quantum cryptography by ransomware groups, and the persistent use of Telegram channels by cybercriminals to distribute compromised data sets and credentials.
Despite a slight decline in the overall share of organizations attacked by ransomware in 2025 compared to 2024, users remain at significant risk as attackers industrialize their operations, automate intrusion methods, and increasingly focus on stealing and leaking sensitive data rather than simply encrypting systems.
One of the trends in 2025 is the continued rise of endpoint detection and response (EDR) “killers” – tools specifically designed to disable endpoint security solutions before executing the malware itself. EDR killers have become a standard component of attacks, which means more deliberate and methodical intrusions.
Telegram channels and dark web forums continuously function as platforms for the distribution and for the sale of compromised data sets and accesses including those that were obtained as a result of ransomware attacks.
Copyright Business Recorder, 2026

















Comments