265M cyber attacks in India recorded by Seqrite, reported, and new Ransomware Recovery tools

“A huge number of cyber attacks have been reported in India by Seqrite, and recovery tools have been released to deal with them.”

The India Cyber Danger Report 2026 and two business-grade services that address one of the most severe danger phases the nation has ever experienced were issued by Seqrite, the enterprise division of Quick Heal Technologies Limited, a worldwide provider of cybersecurity solutions.

The largest malware analysis lab in India, Seqrite Labs, created the research, which paints a vivid picture of a rapidly expanding threat landscape that impacts all industries.

Seqrite Labs reported 265.52 million detections while monitoring over 8 million endpoints between October 2024 and September 2025. This is equivalent to 505 detections each minute and over 7,27,000 detections per day.

With 88.4 million Trojan detections and 71.1 million File Infector detections, Trojans and File Infectors predominate in this environment. When taken as a whole, they account for around 70% of all attacks against Indian organizations.

More than 34 million unusual actions were found by Next Generation Antivirus (NGAV) and Anti-Ransomware (ARW) engines. January 2025 saw a peak in ransomware activity with 185 incidents and 113,000 detections.

There were 6.5 million reports of cryptojacking. Over 9.2 million network-based scans were used to try to breach SysAid systems, Apache Tomcat, and WordPress plugins.

Geographically, the most afflicted states were Maharashtra (36.1 million detections), Gujarat (24.1 million), and Delhi (15.4 million), with the most targeted cities being Mumbai, New Delhi, and Kolkata.

From an industrial standpoint, the manufacturing, healthcare, and education sectors collectively accounted for about 47% of all detections, indicating their resource limitations and criticality, which render them susceptible to widespread attacks.

The India Cybersecurity Preparedness 2026 Survey supports these conclusions by showing that although adoption rates are high in areas like advanced malware protection (86.7%) and backup readiness (78.5%), there are still large gaps in incident response, secure configuration, and asset cleanliness.

India’s overall cybersecurity readiness is still uneven, with an average maturity score of 6.37/10, making enterprises susceptible to contemporary and rapidly changing threats.

Seqrite has also offered Ransomware Recovery as a Service in light of the criticality of today’s cyber threat scenario and the significant financial loss that organizations experience each time operations are disrupted.

By providing expert-led, forensic-grade recovery that integrates cutting-edge cryptanalysis, unique recovery tools, and separated restoration workflows to securely and swiftly recover encrypted files, this specialist recovery solution fills the critical gap between breach and restoration.

Organizations may confidently return to normalcy thanks to their certified restoration, which stops reinfection and guarantees that business operations resume without hidden hazards. Additionally, we have introduced Seqrite Digital Risk Protection Services (DRPS), a Software as a Service (SaaS) platform intended to identify, track, and eliminate digital threats that are present outside of conventional IT boundaries.

With ML-driven threat detection and predictive and continuous monitoring, Seqrite DRPS helps businesses to proactively protect their brand, data, and reputation. Constantly scanning marketplaces, social media platforms, and the dark web makes it easier for businesses to track phony accounts, counterfeit listings, domain spoofing, and IP misuse to protect consumer trust and brand reputation.

A dedicated Seqrite DRPS war room guarantees quick takedowns, legal escalations, and crisis management, while automated, audit-ready reports provide comprehensive digital proof for investigations.

Dr. Sanjay Katkar, Joint Managing Director, Quick Heal Technologies Ltd.

Ransomware syndicates, state-aligned actors, and cybercriminal groups continue to be drawn to India due to its extensive user base, cloud use, and digital progress. The emergence of hybrid attacks motivated by ideological, political, and financial factors is shown in cyberattack campaigns like Operation Sindoor.

Advanced persistent threat activity, zero-day vulnerabilities, ransomware operations, malware families, and evolving attack methods are all covered in detail in the India Cyber Threat Report 2026.

Organizations of all sizes can use the report’s wealth of useful information. In addition to delving deeply into India’s danger landscape, it offers specific forecasts for the upcoming year as well as doable solutions that businesses may use to bolster their defenses against foreseen threats.

14 of the 20 forecasts from the previous edition came to pass, confirming Seqrite’s standing as a specialist with a track record of anticipating new dangers in the Indian market. Predictive intelligence, identity-centric defense, AI security hardening, automated patch management, resilience frameworks, collaboration, and ongoing training are all covered in this year’s report’s recommendations, which provide companies with a road map for enhancing security readiness in an increasingly complex environment.

About The Author

Suraj Koli is a content specialist in technical writing about cybersecurity & information security. He has written many amazing articles related to cybersecurity concepts, with the latest trends in cyber awareness and ethical hacking. Find out more about “Him.”

Read More:

GPS Spoofing of Flights Reported at Important Airports like Delhi, Mumbai, Chennai: Centre tells RS

About Author

daksh kataria

See author's posts