Trending

ee-track">
Link copied!

Malaysia Q4 Cyber Report: Fraud & Ransomware Surge

CyberSecurity Malaysia's Cyber999 Q4 2024 Report reveals a 4% drop in cyber incidents, but ransomware surged by 78%. Fraud remains the top threat, while botnets and data breaches persist. Read the full analysis of Malaysia’s cybersecurity trends and 2025 projections.

March 3, 2025 · 4 min read
Malaysia Q4 Cyber Report: Fraud & Ransomware Surge

Overview

The Cyber Incident Quarterly Summary Report for Q4 2024 provides an overview of computer security incidents handled by the Cyber999 Incident Response Centre of CyberSecurity Malaysia. This report highlights incident statistics, categorization, and security alerts issued in the quarter, reflecting only the number of reported cases without considering financial losses or other consequences.

CyberSecurity Malaysia collaborates with ISPs, CERTs, Special Interest Groups (SIGs), and Law Enforcement Agencies (LEAs) to mitigate cyber threats targeting Malaysian organizations and citizens.

Cybersecurity Trends in Q4 2024

Malaysia’s internet user base is projected to increase by 5.74% from 2024 to 2029. The Cyber999 Incident Response Centre actively gathers intelligence and collaborates with global entities to enhance cybersecurity defenses.

In Q4 2024, Cyber999 recorded 1,550 incidents, marking a 4% decrease from the 1,623 incidents in Q3 2024.

Breakdown of Incidents Per Month in Q4 2024:

Incident CategoryOctoberNovemberDecember
Denial of Service012
Fraud (Total)372333402
Vulnerabilities Report111211
Intrusion263316
Intrusion Attempts303433
Malicious Codes18915
Content Related535345
Spam12721
Total522483545

Key Findings:

  • Fraud (71%) remains the most reported category, with phishing being the dominant attack method.
  • Data breaches (10%) continue to threaten Malaysian cybersecurity.
  • Intrusion attempts (6%) and vulnerability exploitation saw notable increases.

Projected Trends for 2025

  • Online scams and frauds will continue evolving with advanced social engineering techniques.
  • Data breaches may rise unless organizations implement stricter security policies.
  • New malware tactics, particularly through phishing and malicious APKs, could proliferate in Malaysia’s digital space.

Top Malware Incidents in Q4 2024

Malicious Android Package (APK) files were the most reported malware incidents in Q4 2024. These APKs are used to install malware on Android devices, often disguised as legitimate applications. Attackers spread these through phishing emails, fake websites, or third-party app stores.

Ransomware Incidents: A Growing Concern

Ransomware cases increased by 78% in Q4 2024, rising from 9 cases in Q3 to 16 cases in Q4. Businesses, especially those relying on Active Directory (AD) servers, were primary targets.

Common Attack Methods:

  • AD Server Exploitation: Ransomware operators use PsExec, Group Policy Objects (GPOs), and WMI to spread malware across networks.
  • Virtualization Platform Vulnerabilities: Attackers targeted VMware and ESXi servers to compromise multiple virtual machines simultaneously.
  • Credential-Based Attacks: Ransomware groups used phishing, brute force, and stolen credentials to infiltrate corporate environments.

Top Ransomware Variants Reported:

Ransomware VariantNumber of Incidents
Lockbit3
MedusaLocker2
Valencia2
Hunters International1
NETCrypton1
Akira1
Crypto241
Ransomhub1
Arcus Media1

Security Recommendations:

  • Maintain offline backups and implement multi-factor authentication (MFA).
  • Regularly update endpoint security and deploy network segmentation.
  • Conduct phishing awareness training for employees.

Botnet Infections and Cryptojacking Trends

Top Botnets in Malaysia in Q4 2024

A botnet is a network of compromised computers controlled by cybercriminals. These were commonly used for DDoS attacks, phishing, credential theft, and cryptojacking.

Botnet NameInfected IPs
Avalanche-Andromeda5,262,332
NGIOWEB3,572,998
Android.VO1D3,508,305
SOCKS5Systemz1,218,466
AdLoad509,895
ViperSoftX333,608
Downadup224,192
Android.Triada218,425
Avalanche187,297
PseudoManuscrypt151,174

Infostealers: A Persistent Threat

Infostealers are malware programs designed to steal sensitive data, including:

  • Saved browser credentials
  • Auto-filled login details
  • FTP and email account credentials
  • VPN authentication data

These threats emphasize the need for password managers and strict endpoint protection policies.

Data Breach Incidents: A Persistent Challenge

While data breaches decreased by 10% this quarter, they remain a serious concern. Major breaches often expose Personally Identifiable Information (PII), including:

  • Names and identification numbers
  • Addresses and phone numbers
  • Financial details

Ransomware-Driven Data Extortion

Cybercriminals increasingly steal sensitive data and demand ransoms before releasing or selling it on the dark web. Organizations should work with law enforcement rather than negotiating with cybercriminals.

Recycled Data Breaches

A rising trend involves cybercriminals re-posting old data leaks and falsely claiming them as new breaches. This tactic creates unnecessary panic and reinforces the need for strong incident response strategies.

Conclusion: Key Takeaways for Q4 2024

  • Total incidents decreased by 4% compared to Q3 2024, with fraud and phishing remaining dominant threats.
  • Ransomware cases surged by 78%, highlighting the need for stronger security measures.
  • Botnets and infostealers continue to compromise sensitive user and corporate data.
  • Data breaches persist, reinforcing the need for better cyber hygiene and organizational security protocols.

Recommendations for 2025

  1. Strengthen Endpoint Security: Deploy AI-driven threat detection and advanced email filtering.
  2. Adopt Zero-Trust Models: Enforce strict authentication protocols and network segmentation.
  3. Enhance Employee Awareness: Conduct regular cybersecurity training and simulated phishing exercises.
  4. Backup & Disaster Recovery: Implement secure, offline backups to mitigate ransomware damage.
  5. Collaborate with Authorities: Report cyber incidents to Cyber999 and law enforcement to aid in investigations and remediation.

With evolving cyber threats, Malaysia’s cybersecurity landscape requires continuous monitoring, collaboration, and proactive defense measures to mitigate future risks.

Reference: https://www.mycert.org.my/portal/advisory?id=SR-029.022025

https://www.statista.com/statistics/553752/number-of-internet-users-in-malaysia

AI Threat Intelligence

Stop Executive Threats
Before They Strike

Monitor dark web chatter, detect lookalike domains, and protect your C-suite from targeted impersonation — in real time, across 50+ countries.

Scroll to Top

Book your session

Request a Personalized Demo

See how Cyble's threat intelligence protects your organization. A specialist will reach out within one business day.

Select one or more options

Cyble protects your personal data to manage your account and deliver requested content. Submit your details to receive updates. Withdraw consent anytime. See our privacy policy for details.

Your information is encrypted and never shared.
SOC 2 Type II GDPR compliant Trusted by 1,000+ teams

Download the brochure

Get the Cyble Vision Brochure

Explore how Cyble Vision delivers AI-powered threat intelligence across your attack surface. Fill in your details to access the brochure.

Select one or more options

Cyble protects your personal data to manage your account and deliver requested content. Submit your details to receive updates. Withdraw consent anytime. See our privacy policy for details.

Your information is encrypted and never shared.
SOC 2 Type II GDPR compliant Trusted by 1,000+ teams