The State of Cybercrime 2024: Key Threats & What’s Coming in 2025

2024 was a defining year for cybercrime. Infostealers fueled credential leaks at an unprecedented scale, ransomware gangs shifted their tactics, and AI-powered threats emerged as a new battleground. As cybercriminals evolved, so did their methods—blurring the lines between financially motivated attacks, hacktivist operations, and state-sponsored campaigns.

KELA’s newly released report, The State of Cybercrime 2024, provides an in-depth look at the past year’s most significant cyber threats and offers expert predictions for 2025.

Key Takeaways from the Report:

🔹 Infostealers as a growing initial access vector – Over 4.3M machines were infected, leading to the compromise of 330M+ credentials. 🔹 Ransomware evolution – Attackers expanded their monetization strategies, shifting toward data theft, supply-chain attacks, and affiliate-based operations. 🔹 AI-powered threats on the rise – Deepfake abuse, LLM jailbreaks, and backdoored AI models became new tools in the cybercrime arsenal. 🔹 Hacktivist activity surged, with 200+ new groups and 3,500+ DDoS attacks linked to geopolitical events. 🔹 State-backed cybercrime blurred the lines, with government-sponsored actors adopting cybercriminal tactics to achieve strategic objectives.

What’s Next in 2025?

Looking ahead, cybercriminals will continue to innovate, using AI, stolen credentials, and vulnerabilities as primary attack vectors. Ransomware groups will adapt to increasing law enforcement pressure, and state-sponsored actors will become harder to distinguish from traditional cybercriminals.

The best defense is proactive intelligence. The State of Cybercrime 2024 equips security teams with the insights they need to prepare for the evolving threat landscape.

📥 Download the full report here!