Gen Threat Report Unmasks Surge in PharmaFraud Scams and the Evolving Face of Cybercrime in an AI-Powered World

Rhea-AI Summary

Gen (NASDAQ: GEN) has released its Q2/2025 Threat Report, revealing significant cybersecurity challenges in an AI-powered threat landscape. The company identified and blocked 1 million attacks from over 5,000 fake pharmacy websites in a scheme dubbed "PharmaFraud." The report highlights several concerning trends, including a 21% increase in data breaches, a 340% surge in financial scams, and a 100% rise in sextortion scams.

In a significant breakthrough, Gen successfully cracked the first known AI-powered ransomware, FunkSec, releasing a free decryptor for victims. The report also details a dramatic increase in Facebook-based threats, with 14% of blocked threats linked to Technical Support Scams. Additional findings include a 317% increase in malicious push notifications and a 62% rise in remote access attacks.

Positive

• Successfully blocked 1 million PharmaFraud attacks, protecting users from fake pharmacy scams
• Developed and released free decryptor for AI-powered FunkSec ransomware
• Demonstrated strong threat detection capabilities across multiple cybersecurity vectors
• Expanded protection services through Norton Genie and Avast Scam Guardian

Negative

• 21% increase in data breach events with 16% rise in breached emails
• 340% surge in financial scams, particularly on Facebook
• 317% spike in malicious push notifications threatening users
• 62% increase in remote access attacks indicating growing cybersecurity challenges

Insights

Cybersecurity Analyst

Gen's threat report reveals strong defensive capabilities against emerging cyber threats, positioning it favorably in the rapidly evolving cybersecurity landscape.

Gen's Q2/2025 Threat Report showcases the company's proactive stance in the cybersecurity space with several significant technical achievements. The blocking of 1 million pharmacy-related attacks demonstrates their threat detection infrastructure's scale and effectiveness. Their researchers' ability to crack AI-powered ransomware (FunkSec) and provide a free decryptor represents valuable technical expertise that enhances their market position.

The identification of over 5,000 fraudulent pharmacy domains and the coining of "PharmaFraud" positions Gen as a thought leader identifying emerging threat categories. This intelligence-gathering capability adds significant value to their security products and validates their research investment. The documented increases in various attack vectors – 21% rise in data breaches, 340% in financial scams, and 100% in sextortion – provide measurable metrics showing both the growing threat landscape and Gen's detection capabilities.

Gen is effectively leveraging these security insights across their product portfolio, integrating threat intelligence into solutions like Norton Genie and Avast's Scam Guardian. This cross-pollination between their research division and product teams creates a virtuous cycle: better threat intelligence leads to improved products, which then capture more threat data.

From a competitive standpoint, Gen's ability to work with law enforcement on the FunkSec case demonstrates valuable relationships with authorities and positions them as a responsible security partner. Their detailed analysis of social media threats, particularly the Facebook-based financial and tech support scams, shows adaptability in tracking threats across platforms where users are most vulnerable.

Gen blocks 1 million fake pharmacy attacks, releases free ransomware decryptor, and tracks increasing data breaches, financial scams, sextortion and tech support scams

TEMPE, Ariz. and PRAGUE, July 30, 2025 /PRNewswire/ -- Gen (NASDAQ: GEN), a global leader powering Digital Freedom with a family of trusted brands including Norton, Avast, LifeLock, MoneyLion and more, today released its Q2/2025 Gen Threat Report. Gen researchers explore how AI is changing the game for cybercriminals, notably uncovering over 5,000 highly convincing fake pharmacy websites scamming people seeking high-demand prescriptions and helping take down the first known ransomware developed using AI. The team of Gen researchers also report a 21% growth in data breaches, a 340% increase in financial scams, a 100% increase in sextortion scams, and a surge in Tech Support Scams running rampant on Facebook.

"Cyber threats continue to be smarter, faster, and more personal," said Siggi Stefnisson, Cyber Safety CTO at Gen. "From AI-powered ransomware to fake online pharmacies, the risks are real – and increasingly difficult for people to spot. But with global cooperation, advanced detection, and a relentless commitment to developing products that stop the latest threats, we can stay one step ahead. While threats continue to evolve, so does our ability to fight them."

PharmaFraud: Sophisticated Scams Masquerading as Medicine

When you need medication – whether it's a routine antibiotic, a high-demand weight loss treatment, or something more private – the internet can seem like the quickest, most discreet option. Cybercriminals now know it. Gen researchers dubbed the growing threat of fraudulent online pharmacies "PharmaFraud," and exposed a vast network of more than 5,000 web domains selling in-demand drugs such as erectile dysfunction treatments, weight-loss medications, and antibiotics—products often sought quickly, privately, or at lower cost. In 2025, Gen has blocked 1 million attacks coming from these sites against unsuspecting online shoppers.

These PharmaFraud operations use a range of tactics: injecting malicious code into medical websites, manipulating search results, deploying AI-generated health blogs and fake reviews. The sites are convincing imitations with polished layouts, bogus customer service information, and detailed product pages. But buyers beware – what may appear legitimate is often a scam, resulting in financial fraud and identity theft. Behind the scenes are red flags, such as low-cost offers for prescription-only drugs, missing contact information, requests for cryptocurrency payments, unsecured checkout processes, and prompts for sensitive personal, medical, or financial data.

Beating the Bots: Gen Cracks AI-Powered Ransomware

Gen continues to uphold its commitment to help victims of ransomware, uncovering a critical cryptographic flaw in FunkSec. This was the first known ransomware strain partially built using AI. While the malware successfully encrypted data and demanded payment, the Gen research team worked with law enforcement to help victims recover their files without paying via a free decryptor released by Avast. FunkSec has since gone quiet.

Financial and Tech Support Scams Flourishing on Facebook

The risk of being targeted by a financial scam increased 3-fold (340%) from April to June 2025, with many traced back to deceptive ads and fake pages on Facebook. Scammers used everything from deepfake videos to chatbot forms to collect personal and financial data—often under the guise of legal help or investment offers.

At the same time, 14% of all blocked Facebook threats were linked to Technical Support Scams, a sharp rise driven by phony Messenger-style pages that locked browsers and pushed users to call fake help lines. Facebook's reach and ad infrastructure continue to make it a powerful tool for fraud at scale.

Other key highlights from the report include:

• +21% increase in data breach events, with breached emails increasing by nearly 16%.
• Lumma Stealer remained active post-takedown, using a fresh infrastructure to continue transferring stolen data.
• +317% spike in malicious push notifications, often disguised as video players or system alerts.
• +62% rise in remote access attacks, led by the return of Wincir RAT and abuse of cloud services like OneDrive.
• DealPly adware, a threat that has been steadily declining, made a comeback particularly in the US, Brazil, France and India.
• A target on small businesses with infostealers, exploits, and remote access tools. Scams remained the top threat to small businesses.

The Gen family of trusted brands helps protect people from falling victim to the scams highlighted in this report through solutions like Norton Genie scam protection, available as a standalone app and included as part of the Norton 360 lineup, and Scam Guardian, newly added scam protection included with Avast Free Antivirus and Avast Premium Security. For Identity Theft, LifeLock helps keep people covered in the event of a breach or data exposure.

To read the full Q2/2025 Gen Threat Report, visit https://www.gendigital.com/blog/insights/reports/threat-report-q2-2025. 

About Gen

Gen (NASDAQ: GEN) is a global company dedicated to powering Digital Freedom through its trusted consumer brands including Norton, Avast, LifeLock, MoneyLion and more. The Gen family of consumer brands is rooted in providing financial empowerment and cyber safety for the first digital generations. Today, Gen empowers people to live their digital lives safely, privately and confidently for generations to come. Gen brings award-winning products and services in cybersecurity, online privacy, identity protection and financial wellness to nearly 500 million users in more than 150 countries. Learn more at GenDigital.com.

Media Contacts:

Brittany Posey-Thomas
Gen
Press@GenDigital.com

Courtney Rowles
Edelman for Gen
Courtney.Rowles@edelman.com

 

View original content to download multimedia:https://www.prnewswire.com/news-releases/gen-threat-report-unmasks-surge-in-pharmafraud-scams-and-the-evolving-face-of-cybercrime-in-an-ai-powered-world-302517293.html

SOURCE Gen Digital Inc.

FAQ

What major cybersecurity threats did Gen (NASDAQ: GEN) identify in Q2 2025?

Gen identified several major threats including PharmaFraud affecting 5,000+ domains, a 340% increase in financial scams, 21% rise in data breaches, and the first AI-powered ransomware called FunkSec.

How many fake pharmacy attacks did Gen block in 2025?

Gen blocked 1 million attacks from fraudulent pharmacy websites targeting online shoppers in 2025.

What is PharmaFraud and how does it operate according to Gen's report?

PharmaFraud is a sophisticated scam involving over 5,000 fake pharmacy websites that use AI-generated content, malicious code injection, and search manipulation to sell fraudulent medications and steal personal information.

How has AI impacted cybercrime according to Gen's Q2 2025 report?

AI has enabled more sophisticated cyber threats, including the first AI-powered ransomware (FunkSec), AI-generated health blogs for pharmacy scams, and more convincing fraudulent websites.

What is the significance of Gen's FunkSec ransomware breakthrough?

Gen discovered a critical cryptographic flaw in FunkSec, the first known AI-powered ransomware, and released a free decryptor helping victims recover files without paying ransom.

How have Facebook-related cyber threats evolved in Q2 2025?

14% of all blocked Facebook threats were Technical Support Scams, with criminals using deepfake videos and chatbots to conduct financial fraud through deceptive ads and fake pages.