- Linux containers in 2025 and beyond
- LinkedIn gets its own suite of video tools as it grows video presence on platform
- One of my favorite Android smartwatches has a 100-hour battery life - and it's on sale
- Cybersecurity for Businesses of All Sizes: A Blueprint for Protection
- Reaching My Ultimate Goal: Cisco Live!
Surge in Infostealer Attacks Threatens EMEA Organizations
Organizations in Europe, the Middle East and Africa (EMEA) are facing a dramatic increase in infostealer attacks, according to Check Point.
In its latest EMEA Cyber Threat Intelligence report, launched on February 4 during its CPX 2025 Vienna conference, Check Point Research observed a 58% increase in infostealer attacks targeting organizations in the region over the past year.
The firm added that it saw over 10 million stolen credentials associated with EMEA organizations available for sale in underground cybercrime markets.
Additionally, three infostealer malware strains, AgentTesla, Lumma Stealer and FormBook, were among the top malware threats in the region, frequently targeting VPN credentials and authentication tokens.
Check Point said this explosion of infostealers is fueling a rise in stolen credentials, session hijacking and corporate breaches.
“Session hijacking is now a primary technique for bypassing multifactor authentication (MFA), allowing attackers to gain persistent access to corporate environments,” the report noted.
According to Sergey Shykevich, Check Point’s Group Manager of Threat Intelligence, the rise of infostealer malware also proves the adversaries’ ability to adapt.
“Cybercriminals are no longer just breaching systems—they are selling access. The rise of infostealers and initial access brokers has created an underground marketplace where stolen credentials fuel a wider range of cyberattacks, including ransomware and financial fraud,” Shykevich added.
During his CPX 2025 opening speech, Check Point’s newly appointed CEO, Nadav Zafrir, admitted that cyber attackers are often “more agile” than defenders, which creates an “asymmetric arms race.”
“Cybersecurity is a learning competition, and the good guys must learn from the bad guys, too,” Zafrir said.
EMEA Cyber-Attack Statistics
Check Point’s report showed that organizations in the EMEA region experienced fewer cyber-attacks than entities globally, with an average of 1679 cyberattacks per week in the past six months.
In the EMEA region, African countries faced the highest number of attacks, with Ethiopia being the most targeted, followed by Uganda, Angola and Ghana.
Education and Research was the most attacked industry, with an average of 4247 weekly attacks per organization, followed by Communications, Military and Healthcare – a top four aligned with Check Point’s global trends report.
Retail and Wholesale organizations were more targeted in EMEA than elsewhere, reaching fifth place in the region. Utilities ranked fifth globally.
Other key EMEA takeaways include:
- Data extortion shift confirmed: Ransomware actors now primarily focus on stealing sensitive corporate data rather than encryption-based extortion
- Phishing as a top vector: Phishing remained a top threat vector, with 62% of malicious files delivered via email in the last 30 days
- FakeUpdates (aka SocGholish) was the top malware affecting the region
- AI-powered disinformation comes from all kinds of adversaries, including hacktivists and nation-state groups
