Malaysian personal data highly valued on dark web

Cybercrime in Malaysia is on an alarming upward trend, with reports indicating over 67,000 cases and losses exceeding RM2.7 billion in 2025, a 76% increase from the previous year. The country recorded 18.8 million web-based threats, averaging over 51,000 attacks daily. Online purchases, non-existent investments, and loan scams are among the most frequent modus operandi.

Alexander Popov, Lead Security Researcher and Head of Open Source Program Office at Positive Technologies, shared insights into new tactics employed by cybercriminals targeting Malaysian personal data and industries. He stated that in cyberattacks against Malaysia, threat actors most frequently use malware, particularly ransomware (85% of cases), followed by social engineering (23%). These methods are globally popular.

Popov highlighted the increasing popularity of classic and double extortion schemes, where attackers not only encrypt victim infrastructure but also steal sensitive data, threatening to leak it if ransom is not paid. Notable Malaysian examples include disruptions at Kuala Lumpur International Airport, where attackers demanded $10 million, and attacks by the Devman ransomware group on a major IT company, demanding half a million dollars.

According to Positive Technologies' data up to the end of 2025, the manufacturing and finance sectors remain the most targeted industries in Malaysia. However, there's a notable rise in attacks against the IT sector, a global trend. IT companies are targeted due to their strong financial standing, possession of sensitive data, and their role as intermediaries, granting attackers access to numerous client infrastructures. This makes the IT sector a critical vulnerability for supply chain attacks affecting other industries.