Kaspersky revealed on the 7th that the number of web-based cyber attacks detected in South Korea from January to March 2025 reached 3,063,343.
Kaspersky analyzed data collected through its cloud threat intelligence infrastructure “Kaspersky Security Network” to compile these figures. This infrastructure quickly detects advanced threats and unknown malware based on data provided by millions of voluntary participants worldwide.
According to the report, the rate of domestic users exposed to web-based threats was 13.7%, with particularly fileless malware emerging as a major threat, as it leaves no traces on the disk. Fileless malware can infect users just by visiting a website without any user intervention, utilizing Windows registry or WMI subscriptions to maintain persistence, making detection difficult.
To combat these threats, Kaspersky offers machine learning-based behavioral analysis technology and exploit prevention features that block attacks targeting software vulnerabilities in real time. Additionally, social engineering attacks that exploit human psychology to attempt data breaches or account thefts were identified as major threats.
Meanwhile, local-based threats during the same period amounted to 1,835,168, with the proportion of users targeted by local threats reaching 21.5%. Local infections are primarily caused by worms and file viruses transmitted via USB drives or CD/DVDs, requiring antivirus solutions and removable device controls to defend against these threats.
Additionally, there were 1,595,680 cyber incidents originating from servers hosted in the country in the last three months, ranking 19th globally.
Lee Hyo-eun, head of the South Korean branch of Kaspersky, said, “As new types of threats utilizing artificial intelligence (AI) continue to increase, it is important to actively utilize threat intelligence and strengthen cyber security awareness.”