When cities that are targets for malware specialists are discussed, Bengaluru, Hyderabad, or Pune usually come to mind.
Instead, Surat is now ranked first.
In India, it reportedly has the highest number of malware threats. According to a national daily news story, the findings are included in the India Cyber Threat story 2025.
The cybersecurity company Seqrite and the Data Security Council of India (DSCI) collaborated to generate the study. Between October 2023 and September 2024, it recorded 369 million malware detections on 8.44 million devices.
That’s 702 possible attacks per minute on average.
Surat alone accounted for 14.6% of India’s total. The report claims that Surat was vulnerable to 69.3 threats per device.
This figure was far ahead of Bengaluru, which had 56.7 detections per device, and Hyderabad at 54.9.
With 38.9 detections per device, Ahmedabad came in sixth place nationwide. About 8% of all malware instances in India were caused by it.
When combined, the two cities show a pattern that cybersecurity experts have cautioned about. Threat actors are moving into smaller, rapidly emerging business centers in addition to more conventional IT hubs.
Malware, ransomware, and phishing attacks are increasingly targeting cities like Surat, which have quickly digitalised their industrial, trade, and logistics sectors.
So, why Surat has become a sitting duck for malware attacks?
Researchers pointed to a combination of industrial vulnerability and better detection. Surat’s manufacturing ecosystem depends heavily on portable storage and shared servers.
These setups are ideal targets for file-infecting malware such as W32.Pioneer.CZ1.
A separate study published in June 2025 shed more light on the issue. It was titled Cybersecurity Challenges in the Digital Transformation of SMEs and was authored by Dharit Naik of Navyug Commerce College, Veer Narmad South Gujarat University.
The study found that 45% of SMEs in Surat had no cybersecurity budget.
It also revealed that 35% lacked skilled IT staff to manage digital threats. Based on a survey of 250 SME owners, the research showed a widespread lack of basic cyber hygiene.
Many employees were unaware of phishing tactics or proper password practices.
Nationwide, trojans and file-infecting malware made up 68% of all incidents. These threats commonly spread through phishing emails and malicious downloads.
Worms, crypto-jacking scripts, and low-grade adware were also among the detected threats.
The report also highlighted a shift in attacker strategy. Behaviour-based detection now accounts for 14.5% of threat identification, suggesting that cybercriminals are bypassing traditional antivirus defences.
Phishing is the top concern for businesses.
About 65% of surveyed organisations reported phishing incidents. Malware and ransomware were next, affecting 50% of respondents.
A worrying 73% of businesses said they weren’t sure if they had already been breached.
Even minor lapses in security could leave dangerous entry points open.
An executive member of the Chief Information Officers Association (Gujarat chapter) said users remained the weakest link in cybersecurity.
He advised that users must verify whether any received link is an APK file, a legitimate email, or from a trusted source. He recommended confirming links directly with bank branches or official websites.
He also raised concerns about mobile gaming. According to him, games downloaded from unauthorised sources can carry hidden threats.
He warned that parents allowing children to play on phones with banking apps are especially at risk. As addiction to non-authentic games grows, so does the risk of financial compromise.
Also Read: Trump’s H-1B Fee Hits Indian Tech Workers Hard, US Firms Turn To Local Hiring https://www.vibesofindia.com/trumps-h-1b-fee-hits-indian-tech-workers-hard-us-firms-turn-to-local-hiring/
