Malwarebytes has recently unveiled its highly anticipated 2025 State of Malware report, shedding light on the rise of agentic artificial intelligence (AI) and the major threats and cybercrime tactics dominating the current landscape. The report delves into the surge in ransomware attacks, the staggering amount of ransom payments made in 2024, and offers insights on how IT teams can effectively combat these threats.
According to the findings of the report, ransomware remains a looming menace for businesses in the coming year. Marcin Kleczynski, the Founder and CEO of Malwarebytes, emphasized the shift from larger ransomware groups to smaller, more unpredictable threat actors, coupled with the growing influence of AI. Kleczynski stressed the importance of bolstering cybersecurity defenses and prioritizing holistic endpoint security to mitigate these evolving threats.
One of the key trends highlighted in the report is the emergence of agentic AI models, capable of reasoning, planning, and acting independently. These advanced AI systems are set to revolutionize cybercriminal tactics, making attacks more scalable and efficient in 2025. As businesses increasingly adopt AI for operational and security purposes, cybercriminals are leveraging this technology to enhance phishing campaigns, evade detection, and optimize their attacks. This escalating arms race between AI-powered attackers and AI-enhanced cybersecurity tools underscores the critical need for organizations to adopt AI-driven threat detection and response mechanisms to counteract the growing sophistication of AI-driven cyberattacks.
The report also underscored a significant uptick in known ransomware attacks, which surged by 13% year-over-year. Despite the decline of dominant ransomware groups like LockBit and ALPHV, smaller, lesser-known ransomware factions have emerged as formidable threats to small and medium-sized enterprises. Moreover, 2024 witnessed the largest ransom payment on record, with an undisclosed victim shelling out a staggering $75 million into a crypto wallet.
Lee Wei, the Senior Vice President of Customer & Product at Malwarebytes, emphasized the evolving nature of ransomware attacks, with the entire attack cycle shrinking from weeks to mere hours, and in some cases, minutes. Wei stressed the importance of organizations maintaining constant vigilance over their endpoints to effectively combat these fast-evolving threats, often necessitating the deployment of managed services such as Managed Detection and Response (MDR) to bridge existing security gaps.
In light of these findings, Malwarebytes encourages organizations to stay informed and proactive in their cybersecurity efforts by leveraging the insights gleaned from the 2025 State of Malware report. To access the full report and delve deeper into the evolving threat landscape, interested parties can visit http://threatdown.com/2025-State-of-Malware.
Overall, as the cybersecurity landscape continues to evolve with the proliferation of agentic AI and the escalating threat of ransomware attacks, organizations must remain vigilant, adaptive, and equipped with robust security measures to safeguard their digital assets and ensure business continuity in the face of evolving cyber threats.