The number of password hacking attacks has almost tripled in Russia.

Since the beginning of 2025, the number of attacks using brute force to gain access to IT systems of Russian organizations has increased 2.7 times compared to the fourth quarter of 2024. This is evidenced by data from a network of sensors and honeypots (traps). the architect of integrated security of Solar Group, reviewed by Izvestia.

The Mafia is waking up: why hackers are switching to nighttime cyber attacks

Cybercriminals expect to remain unnoticed after midnight

At the same time, hackers began to choose victims more carefully and attack them more actively, both for the purpose of espionage and blackmail, and to commit destructive actions against businesses and government agencies.

Most often, the traps recorded bruteforce—type attacks - they accounted for 94% of all events. This can be explained by the hackers' desire to quickly obtain logins and passwords from Russian companies' online IT infrastructures in order to then carry out more complex attacks. The remaining 4% accounted for Path Traversal attacks (attempts to exploit vulnerabilities to illegally gain access to files and directories of the website) and 1% each for CVE (vulnerability exploitation) and Upload (delivery of malicious load to the attacked server).

Since the beginning of the year, the greatest threat to Russian organizations has been posed by stylers (programs for data theft), APT groups, tools for obtaining unauthorized remote access to IT systems, botnets (10%), ransomware (3%), mining (3%), phishing (1%), and malwareuploaders (3%).

Most attacks came from IP addresses in the USA (23%), China (16%), Russia (7%) and India (5%).

Read more in the exclusive Izvestia article:

Key Decoupling: Hackers have intensified password-matching attacks