Artificial intelligence is on the brink of a significant evolution, with ‘agentic’ models—capable of autonomous reasoning, planning, and action—set to revolutionise cybercriminal tactics in 2025. According to Malwarebytes’ 2025 State of Malware report, these advanced AI systems will enable more scalable and efficient attacks, posing unprecedented challenges to cybersecurity.
The report highlights a 13% year-over-year increase in known ransomware attacks, despite the decline of prominent groups like LockBit and ALPHV. This surge is attributed to the emergence of smaller, less predictable ‘dark horse’ ransomware gangs targeting small and medium-sized businesses. Notably, 2024 witnessed the largest known ransomware payment to date, with an unidentified victim transferring $75 million into a cryptocurrency wallet.
Marcin Kleczynski, Founder and CEO of Malwarebytes, emphasised the evolving threat landscape: “The shift from large ransomware groups to smaller, unpredictable threat actors, combined with the increasing role of AI, means businesses must increase their cybersecurity vigilance and make holistic endpoint security a priority.”
Agentic AI models represent a significant advancement over current generative AI tools. While existing systems like ChatGPT and DALL-E assist users in generating text and images based on prompts, agentic AI can autonomously execute tasks without human intervention. This capability allows AI agents to independently discover vulnerabilities, steal credentials, and infiltrate accounts.
Cybercriminals are expected to leverage agentic AI to enhance phishing campaigns, evade detection, and fine-tune attacks. For instance, AI agents could autonomously search vast datasets to match leaked personal information with public email addresses, crafting personalised phishing emails that threaten further data exposure unless a ransom is paid. They might also scrape social media platforms to create convincing fake profiles for use in scams or analyse public records to identify potential targets for fraud.
Lee Wei, Senior Vice President of Customer & Product at Malwarebytes, noted the increasing speed of attacks: “The full attack cycle has gone from weeks to hours and, in some cases, minutes. Organisations need eyes on their endpoints 24/7 to stay on top of threats, and that often means deploying managed services, like Managed Detection and Response , that can assist teams in filling the gaps.”
The rise of agentic AI signifies a turning point in cybersecurity, intensifying the arms race between AI-powered attackers and AI-enhanced defence mechanisms. As businesses begin to explore AI for productivity and security, cybercriminals are simultaneously adopting it to improve their tactics. This escalation necessitates a reevaluation of traditional defence strategies.
Security teams are urged to integrate AI-driven threat detection and response systems to keep pace with the increasing sophistication of AI-driven cyberattacks. Proactive measures, continuous monitoring, and investment in advanced cybersecurity solutions are essential to counteract these emerging threats.
