Kaspersky has detected an 18 per cent increase in password stealer attacks targeting business users in Southeast Asia. — Photo courtesy of Kaspersky

HCM CITY — Password stealers and backdoor attacks are rapidly emerging as some of the most dangerous cyberthreats facing businesses in Southeast Asia, with Việt Nam among the countries most targeted, according to new findings from cybersecurity and digital privacy company Kaspersky.

The company’s latest telemetry showed an 18 per cent increase in password stealer attacks targeting business users in the region, highlighting how quietly harvested credentials are being used to infiltrate corporate environments without triggering alarms.

In 2025 alone, Kaspersky’s business solutions detected and blocked more than one million password stealer attacks across Southeast Asian corporate networks.

The Philippines recorded the highest increase in password stealer incidents at 41 per cent, followed by Malaysia at 33 per cent and Singapore at 25 per cent. Việt Nam also saw a notable 21 per cent rise, while Indonesia witnessed a 7 per cent increase.

Thailand was an outlier, logging a 21 per cent decrease.

Password stealers are a type of malware that can extract stored credentials from browsers and applications, analyse cache and cookie files, and even gain access to cryptocurrency wallet data.

Cybercriminals use stolen passwords to gain unauthorised access to accounts for financial theft, identity fraud, extortion, and further cyberattacks.

“Password stealers remain one of the most effective tools in a cybercriminal’s arsenal because they target the front door of every organisation: user credentials,” Adrian Hia, managing director for Asia Pacific at Kaspersky, said.

Kaspersky’s analysis of 193 million compromised passwords found that 45 per cent could be cracked within one minute, while only 23 per cent were strong enough to withstand attacks for more than a year.

According to Hia, organisations should reduce risks by deploying password managers that generate and securely store random credentials, while enforcing multi-factor authentication, regular credential audits and least-privilege access policies.

“Training employees and embedding cybersecurity-as-a-culture policies and behaviour in companies is also paramount.”

Indonesia and Việt Nam recorded the highest number of backdoor attacks targeting businesses in Southeast Asia in 2025. — Photo courtesy of Kaspersky

The company also highlighted the urgent need for continuous monitoring and stronger response amid rising backdoor incidents in the region.

Backdoors allow attackers to remotely control a victim’s machine without the consent or knowledge of the user. Once installed, backdoors can be instructed to send, receive, execute and delete files, harvest confidential data from the computer, log the activity on the computer and more.

Kaspersky said its enterprise solutions detected and blocked more than three million backdoor attacks targeting Southeast Asian businesses in 2025, up 17 per cent from 2024.

Indonesia and Việt Nam accounted for the largest number of detections, with 1.58 million and 1.29 million incidents. Thailand followed with over 251,000 cases and Malaysia with 212,000 detections.

Malaysia recorded the steepest annual increase in backdoor attacks (86 per cent), followed by Indonesia (36 per cent).

Việt Nam saw a 3 per cent rise, while Singapore and the Philippines experienced declines.

“The rise of backdoors highlights a critical shift in the threat landscape across Southeast Asia, from breaking in to staying in,” Hia said.

“For businesses, this underscores the need for continuous monitoring, advanced detection and rapid response capabilities to uncover hidden access and prevent sustained cyberattacks.”

Kaspersky’s systems also intercepted more than 46 million on-device attacks on businesses.

These threats are spread through offline methods such as infected USB drives, CDs, DVDs, and malicious files hidden within installers or encrypted files.

While on-device attacks declined by 6 per cent across the region, Việt Nam, Indonesia, and Thailand recorded the highest number of incidents.

Hia noted that Southeast Asia’s role in global supply chains and the continued adoption of remote and hybrid work arrangements are expanding the region’s cyberattack surface.

“It is crucial for businesses across the region to invest adequately in securing their devices, not only to prevent potential financial and data losses but also to avoid being a conduit for further cybercrime.” — VNS