According to Kaspersky telemetry, in 2025, spyware and password stealers attacks showed the biggest year-over-year growth in Nigeria among different analysed malware types.
Spyware, which is a type of malicious software installed on users’ devices to collect their data, grew in the number of attacks by 28% compared with the previous year. Password stealers, designed to gather users’ account information, increased in the number of attacks by 22%.
Exploits decreased slightly in the number of attacks in Nigeria, however they remain an acute threat that should not be underestimated. These are programs designed by cyber attackers to take advantage of vulnerabilities in an application or operating system to gain unauthorised access to it and to cause unintended behaviour to occur on software.
Ransomware, though very targeted in distribution, remains a high-risk threat for organisations, who should also guard themselves from supply chain and trusted relationship attacks.
Overall, Kaspersky security tools blocked more than 4 million online attack attempts on users in Nigeria in 2025. Online threats typically include different types of malware attacks, such as for example, password stealers, exploits, spyware, etc. Another 9 million on-device threats were blocked in the country, including malware delivered via infected USB drives.
“Operations coordinated by INTERPOL, such as Serengeti to which Kaspersky has contributed, demonstrate how international cooperation and threat intelligence sharing can strengthen the fight against cybercrime across Africa. At the same time, both organisations and individual users in the region play an important role in improving cybersecurity by staying informed about evolving threats and practicing good cyber hygiene. Dedicated security solutions, including Kaspersky Next for organisations and Kaspersky Premium for individuals, can further help reduce exposure to cyber risks,” said Moses Munguti, Technical Expert & Team Lead in Africa at Kaspersky.
Malware often reaches a device through phishing messages and websites employing social engineering techniques. If an operating system, browser, or application is outdated, attackers may exploit security flaws to install malware. To significantly reduce the risk of infections with malware, Kaspersky experts advise individuals and organisations to follow these best practices:
- Be cautious with links and attachments received, verify the sender before opening files or clicking links.
- Download software only from official sources.
- Install updates for systems and applications as soon as they become available.
- Use strong, unique passwords and enable multi-factor authentication wherever possible.
- Install reputable security software that can detect malware before it compromises the system.
- Regularly back up important data.
- Staying informed about current cyber threats and maintaining good digital hygiene helps keep devices and data safe.
