Connect with us

Hi, what are you looking for?

Tech & Science

Cybersecurity threat predictions for 2025: Insights from the dark web

An increase in these activities in 2025 as new data breaches continue to supply criminals with fresh credentials.

What would a cyberattack on your local government look like? Drata analyzed threat trends to break down the growing issue.
What would a cyberattack on your local government look like? Drata analyzed threat trends to break down the growing issue. - THOMAS SAMSON/AFP // Getty Images
What would a cyberattack on your local government look like? Drata analyzed threat trends to break down the growing issue. - THOMAS SAMSON/AFP // Getty Images

Advanced disinformation services, stolen digital identities, smart home vulnerabilities, and AI-driven social engineering — these are some of the predictions about cybersecurity in 2025, based on what hackers talk about on their dark web forums.

These trends have been detected by experts at NordVPN, who attempt to predict the cybersecurity risks for the upcoming year. The company partnered with NordStellar analytics, whose researchers analysed the largest dark web forums to identify the most discussed and emerging topics.

Leaked personal media and customer data continue to circulate widely within these forums,” says Adrianus Warmenhoven, a cybersecurity expert at NordVPN tells Digital Journal.

Warmenhoven sets out five areas that represent the core concerns for the year ahead.

Persistent threats: The scope of account takeovers will expand

The dark web’s most discussed threads, with more than 135,000 comments, focus on “combo lists” — databases filled with combinations of usernames, passwords, and other personal data from various breaches. A closely followed topic, with nearly 26,000 comments, focuses directly on account takeovers that exploit this metadata for unauthorized access.


Due to the common practice of password reuse across multiple sites, possession of login information not only enables hackers to commit fraud and misuse accounts for malicious purposes like conducting fraudulent transactions but also greatly increases the risk of identity theft.

Warmenhoven highlights the danger, pointing out that as long as password reuse continues, these attacks will remain highly effective and popular among cybercriminals. He even predicts an increase in these activities in 2025 as new data breaches continue to supply criminals with fresh credentials.

Emerging threats: Smart home security exploits

Another highly commented thread on the dark web forum, attracting nearly 21,000 comments, focuses on security vulnerabilities in various smart home systems and applications, including precise instructions on how to exploit them.

The 2024 IoT Security Landscape Report analysed approximately 50 million IoT devices, uncovering over 9.1 billion security events globally. On average, home networks experience more than 10 attacks daily against connected devices. This number is only expected to grow in 2025.

Identity theft will remain hackers’ priority due to its high profitability

Fraud discussions rank among the top 10 most commented threads on the dark web, with users sharing tips, tools, and strategies for committing fraud successfully. Credit card and insurance frauds are frequently discussed, but identity theft remains the primary focus for hackers due to its high profitability.

As hackers continue to exploit personal data to infiltrate bank accounts, secure credit cards, and commit tax fraud, identity theft techniques are expected to become increasingly sophisticated.

Imminent rise of new dark strategy – disinformation as a service

According to the World Economic Forum’s Global Risks Report 2024, AI-generated misinformation is ranked as the second-most severe global risk (53%) over the next two years, with extreme weather taking the top spot and cyberattacks ranked fifth.
The dark web is filled with tactics designed to spread disinformation, including the use of thousands of fake social media accounts and numerous spam emails that disseminate propaganda. Also, disinformation bot farms are being developed to distribute false information on a large scale.

AI-driven social engineering will become more sophisticated

AI-driven social engineering is expected to become more sophisticated. Although this topic isn’t widely discussed, forums are filled with detailed tips, tutorials, and real-world examples of how to benefit from this technique. A significant emerging trend is the use of AI to detect vulnerabilities, increasing the complexity of tools designed to manipulate human behavior for information extraction and crafting effective phishing emails.

Also, because of AI based social engineering, employees make more mistakes and companies are less secure.

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Tech & Science

Facebook and Instagram parent company Meta has said it will lay an undersea cable stretching across five continents to carry data.

Business

Data is your GPS — but are you even setting a destination?

Life

Some of these symbionts discovered are close relatives of bacteria pathogenic to animals, including humans.

Life

What’s different now is that more children are presenting with co-infections, such as RSV and flu simultaneously.