Report an incident

Get 24/7 incident response assistance from our global team

Talk to sales

Just fill out the form, and our representative will contact you soon.

Join the Cybercrime Fighters Club

Please review the following rules before submitting your application:

1. Our main objective is to foster a community of like-minded individuals dedicated to combatting cybercrime and who have never engaged in Blackhat activities.

2. All applications must include research or a research draft. You can find content criteria in the blog. Please provide a link to your research or research draft using the form below.

APAC Intelligence Insights, December 2025
← Research Hub

APAC Intelligence Insights, December 2025

Navigate the year-end surge in cyber aggression with actionable threat intelligence on the adversaries, attack vectors, and AI-driven tactics shaping the Asia-Pacific (APAC) security landscape for 2026.

Download the full APAC Intelligence Insights Report – December 2025 to access proprietary data and strategic recommendations for securing your organization in the new year.

Why This Report Matters

The APAC region is experiencing unprecedented digital acceleration, positioning it as a primary target for sophisticated organized threat groups and nation-state actors.

This report provides the clarity needed to:

Decipher Regional EvolutionDecipher Regional Evolution

Understand how cyber threats are maturing across the region.

Identify High-Risk SectorsIdentify High-Risk Sectors

Pinpoint the industries and geographies facing the highest volume of localized attacks.

Anticipate 2026 TacticsAnticipate 2026 Tactics

Gain early visibility into emerging “Stranger Threats”, including agentic extortion and AI-powered malware.

Operationalize DefenseOperationalize Defense

Convert raw intelligence into practical, defensive decisions to safeguard critical infrastructure and corporate assets.

Key Findings & APAC Cybersecurity Trends in December 2025

Massive Escalation in Malicious ActivityMassive Escalation in Malicious Activity

The final month of 2025 saw a staggering 1,107% increase in compromised bank cards and a 376% surge in compromised accounts.

The Return of LockBitThe Return of LockBit

Ransomware activity rose by 16% this month, with the LockBit group resurfacing to target Manufacturing, Professional Services and Real Estate sectors in India, Thailand and Malaysia.

Geopolitical HacktivismGeopolitical Hacktivism

Political friction between Cambodia and Thailand triggered a 161% increase in DDos and Hacktivisim. The actor KXICIXXSEC specifically targeted Thai government and educational infrastructure, leading to a 9x increase in regional volume.

AI-Enhanced Adversary OperationsAI-Enhanced Adversary Operations

Advanced Persistent Threat (APT) groups like APT42 are now leveraging Large Language Models (LLMs) to automate intelligence processing and refine spear-phishing lures, significantly increasing the success rate of social engineering.

GoldFactory’s Banking “Goldmines”GoldFactory’s Banking “Goldmines”

Group-IB has identified over 300 unique samples of modified banking applications used by the GoldFactory group. With 11,000+ infections, this campaign uses experimental OCR and QR scanning to hijack mobile banking on both iOS and Android.

Zero-Day & Vulnerability ExploitationZero-Day & Vulnerability Exploitation

Technical analysis of the React2Shell (CVE-2025-55182) vulnerability reveals how adversaries are rapidly weaponizing new exploits to gain remote code execution in regional environments.

Who Should Read This Report

This intelligence briefing is designed for professionals responsible for maintaining the integrity and resilience of APAC-based operations:

CISOs and Security DirectorsCISOs and Security Directors

Threat Intelligence AnalystsThreat Intelligence Analysts

Fraud Protection & Banking Security TeamsFraud Protection & Banking Security Teams

Risk & Compliance OfficersRisk & Compliance Officers

Incident Response TeamsIncident Response Teams

Relevant reports

We see the full picture of the evolving cyber threat landscape thanks to unique tools for monitoring the infrastructure used by cybercriminals and data from battlefields:

Fake Investments, Real Consequences: Uncovering Investment Scams Targeting USA and Australia
New
Trend Report
Fake Investments, Real Consequences: Uncovering Investment Scams Targeting USA and Australia
Learn more
Inside Europe’s Manufacturing Cyber Threat Landscape
New
Trend Report
Inside Europe’s Manufacturing Cyber Threat Landscape
Why the biggest risks to industrial operations begin outside the factory
Learn more
Intelligence Insights Report, March 2026
New
Trend Report
Intelligence Insights Report, March 2026
Explore the most notable cybersecurity events in the region and the best practices
Learn more
Intelligence Insights Report, February 2026
New
Trend Report
Intelligence Insights Report, February 2026
Explore the most notable cybersecurity events in the region and the best practices
Learn more