A Not-So-Common Cold: Malware Statistics in 2023
DataProt is supported by its audience. When you buy through links on our site, we may earn a commission. This, however, does not influence the evaluations in our reviews. Learn More.
Trojan horses, viruses, spyware… Some of these have fancy names, others just sound ominous. But there’s one thing they have in common: You don’t want these anywhere near your computer, smartphone, or tablet.
Malware can take a huge toll on your system. It’s not just the equivalent of catching a cold during winter; it’s much worse. A handkerchief is, unfortunately, of no use here.
You need to know your enemy before you can fight back. That’s why we’ve compiled the latest malware statistics, including some lesser-known facts about this hi-tech plague.
Key Malware Statistics
- 560,000 new pieces of malware are detected every day.
- There are now more than 1 billion malware programs out there.
- Every minute, four companies fall victim to ransomware attacks.
- Trojans account for 58% of all computer malware.
Malware Detection Statistics
There are more than 1 billion malware programs out there.
Since 2013, malware has been spreading exponentially. The initial boom doubled the number of malicious files and programs infecting the web. In the following years, the growth might have slowed down, but it definitely hasn’t stopped. Even with built-in antivirus software protecting the newest operating systems, there’s more malware online than ever before.
560,000 new pieces of malware are detected every day.
The rate at which malware spreads is terrifying. Anti-malware institutes include every new malicious program they find in their malware database. Hundreds of thousands of files become infected by malware on computers and websites every day. These are mostly the result of existing infections that keep spreading like actual diseases. According to the latest statistics, more than 17 million new malware instances are registered each month.
SonicWall has registered more than 3.2 billion malware attacks in the first half of 2020.
Some people and companies continue to be targeted by malicious software more often than others. In 2019, there were nearly 10 billion attacks registered by the companies that keep an eye on global cybersecurity and malware attack statistics. While there’s still no full report for 2020 available, by all data, it seems that the total number of attacks is on a decline.
In 2020, the number of detected malware variants rose by 62%.
Year on year, the number of new malware variants is oscillating. In 2019, for example, there were far fewer variants of new malware appearing than in previous years. At the time, there were fewer ways malware could potentially take down computer systems.
7% of websites Google tested for malware were infected.
Ever since late 2007, the number of websites containing malware has been consistently above 100,000. Come early 2018, and this number began to decline rapidly. The latest Google report cites that just 7% of tested websites are infected. Even though the trend continues, the start of the COVID-19 epidemic brought a significant jump in malware sites.
Each week, Google detects 50 websites containing malware.
There hasn’t been a week in recent years without at least a few malware threats popping up on Google’s radar. The average number of new websites that are compromised by linking to malware pages or containing codes hackers can abuse is around 2,500 every week. However, sites that actually contain malware represent just 1.6% of this number; or around 50 per week.
Malware distributed through encrypted protocols is down 32% from 2019.
Hackers are becoming sneakier, which is a cause for concern in itself. Year after year, they’re finding ways to mask their malicious plots as legitimate websites. Websites using SSL and similar encryptions are no longer as safe as we once thought they were. Now, these supposedly secure sites have become one of the latest malware threats. Since visitors trust these encryptions, it’s becoming more and more important to provide extra security for your website.
20 million IoT malware attacks were detected in the first half of 2020.
Internet of Things devices are slowly but steadily finding their way into our homes. But there’s a price you pay for convenience; these devices also carry various security risks with them. Unfortunately for everyone looking to create a smart home, IoT is a massive malware target. The newest malware statistics show more than 20 million IoT malware attacks detected in the first half of 2020 alone.
Three in four infected IoT devices are routers.
Routers have proved to be the most desirable targets for hackers, with 75% of all IoT malware infecting these devices. Once infected, a router can then spread the infection to the local network, which can, in turn, infect dozens of additional devices.
Computer Virus Statistics
China has the highest number of malware-infected computers.
Nearly every second computer in China is infected by some form of malware. Its 47% malware infection rate is the highest globally, followed by Turkey with 42%, and Taiwan with 39%.
Trojans account for 58% of all computer malware.
The most common malware programs – both globally and in the United States – are Trojans. Coming in second place and responsible for about 13% of total malware infections are viruses. Scripts were third-ranked in this 2019 survey by AV-Test, accounting for approximately 9% of all malware infections worldwide.
Viruses are mostly spread via .exe files.
Unsurprisingly, good old executables are still the easiest way to catch a computer virus. Recent computer virus stats show that 53% of viruses spread by .exe files, while .pdf is way behind in second place with just 6%. Executables are the most commonly infected email attachments, too, accounting for 21% of all infected files sent via email.
46% of hackers disseminating malware deliver it almost exclusively through email.
“Be careful with your emails,” the experts are warning us. According to the 2020 Data Breach Investigation Report by Verizon, malicious files include Word, Excel, and other formats.
Cryptojacking saw another spike in 2020.
Cryptojacking – abusing other people’s machines for mining a cryptocurrency – is once again a hot trend among hackers. There was a 163% jump in cryptojacking attempts in 2020. Symantec’s virus statistics seem to tell us why: They show a strong correlation between the value of Bitcoin (and other cryptocurrencies) and the popularity of cryptojacking.
From 2017 to 2018, there was a 25% increase in the number of hackers using destructive malware.
In recent years, the number of hackers employing destructive malware for their nefarious deeds has been rapidly increasing. Cybercriminals are now looking to strike at companies and small businesses.
The infamous ILOVEYOU virus caused $10 billion of damage when it struck in 2009.
No lesson in the history of malware is complete without mentioning ILOVEYOU. This worm is considered the most destructive computer virus of all time. It did one very simple thing: It renamed all files “iloveyou” until the system crashed. While the exact scope of this attack was never revealed, analysts said it affected roughly 10% of all PCs around the world.
Mobile Malware Statistics
The total number of mobile malware attacks surpassed 28 million during the first half of 2020.
Although not as aggressive as in 2018, mobile malware continues to be a severe threat. New malware threats were popping up like mushrooms after a rain, with more than 14 million new malware infection attempts recorded on mobile devices during each quarter of the year.
With a 30.3% infection rate, mobile malware is most widespread in Iran.
Looking at global malware infection statistics for smartphones and tablets, Iran, Bangladesh, and Algeria had the highest infection rate of all countries in Q3 of 2020. However, the news wasn’t all bad for Iran; the country suffered fewer mobile malware attacks in 2020 than it did in 2019, but that still couldn’t shift it from the top spot on the global leaderboard.
AdWare is the most common piece of mobile malware.
Malicious apps that enable further hacking of the infected device are the most common form of mobile malware. AdWare alone accounts for 48% of all malware, while RiskTool infections account for 20%. These apps work like can openers, making way for destructive malware to reach your smartphone.
There are 50 times more malware infections on Android devices than on iOS devices.
When it comes to iOS vs Android malware statistics, the results speak for themselves. Android is the mobile platform with the highest malware infection rate, accounting for 47.15% of all infected devices, while iOS accounts for under 1% of infections.
In July 2020, 19 harmful apps were available for download via Google Play.
From time to time, malicious apps containing common Android viruses and ad-serving tools find their way onto legitimate app marketplaces. According to research from 2019, these apps had accumulated more than 335 million downloads. They include adware, Trojans, and plain old scams.
Mobile banking Trojans were 10% less common in Q2 2020 than in Q1 2020.
Kaspersky detected more than 38,000 mobile banking Trojans in Q2 2020. The biggest spike in activity occurred in September 2018, when 2.5 million mobile banking Trojan attacks happened across the globe. Smartphone malware statistics from last year show that Turkey stands out as the most prominent target: 1.2% of its mobile banking users have been affected by these Trojans.
Mobile backdoor apps are now spreading via SMS.
TimpDoor, a variant of backdoor malware targeting Android devices, saw a massive spike in activity. It managed to trick smartphone users into installing it by sending text messages to a third-party download site, further exposing devices to hacker attacks.
FakeApp malware infections increased three to four times with the beta announcement of Fortnite’s release.
Android malware statistics show that these malicious programs spread best via fake apps. Fortnite, the most popular video game in the world, launched in the middle of 2018, but only on select Android devices. Gamers looking to try out the game eagerly downloaded apps that looked for all intents and purposes like the real game. What the users actually installed on their devices were FakeApp malware programs that either bombarded the phone with apps (thus generating revenue for their developers) or downloaded more apps in the background, leaving the device vulnerable to more severe attacks.
47% of free Android antivirus programs can’t properly detect malware.
There’s a good reason why serious developers charge for their antivirus software. Free solutions are simply not up to snuff when it comes to smartphone security, with eight of 21 popular free apps failing to register even a basic malware threat.
Ransomware attacks targeting corporations increased 20% from 2019 to 2020.
Just as hackers are changing their malware plans to include fewer variants, they’re also switching to higher-value targets. Overall, ransomware attacks continued to rise during this period, but the fact that they now usually target businesses makes them potentially even more dangerous. This makes sense; companies are more likely to pay a large ransom, and the data they hold is more likely to be valuable to hackers.
More than €10 billion was paid in ransoms during 2019.
(European Union Agency for Cybersecurity)
45% of organizations affected by ransomware attacks chose to pay the ransom, and half of them still lost their data.
What used to be a rare occurrence compared to other types of malware is now affecting millions of devices every month. Virus statistics show that we’ve reached the highest ransomware infection rate in history, while analysts predict that this number will continue to rise dramatically.
Ransomware accounts for nearly one in 10 malware infections in Thailand.
Thailand might be a fantastic place to visit on your vacation, but remember to bring some good antivirus software for your devices (along with sunscreen and a Hawaiian shirt, of course). The country is often targeted by hackers; ransomware accounts for 9.57% of all malware infections in Thailand. The United Arab Emirates and Iran have a serious ransomware problem, too – approximately 8.5% of malware infections in those countries are ransomware.
Four companies are hit by a ransomware attack every minute.
How severe are the current malware threats? Analysts say a business fell under an attack every 11 seconds in 2020. Hackers are using ransomware for their corporate attacks more than ever, either stealing data so they can sell it on the black market or extorting money from their victims.
Mobile ransomware dropped by 83% from 2019 to 2020.
In its malware trends report, Symantec reported that mobile ransomware and Trojans had seen the biggest growth in 2019. According to Kaspersky, the situation improved significantly in 2020. Hackers now have more trouble extorting money from individuals and are targeting businesses.
Kazakhstan was the most popular target for mobile ransomware attacks in 2020.
As for the mobile ransomware infection rate, the US isn’t at the top of the leaderboard anymore. In its malware statistics report, Kaspersky Lab found that 0.1% of monitored devices in the US were targeted by mobile ransomware in 2020, while 0.41% of Kazakhstan mobile users fell victim to ransomware.
The infamous WannaCry ransomware program earned $143,000 in Bitcoin payments in 2017.
During 2017, there was one very aggressive piece of ransomware making headlines. Analysts found that approximately 312 ransoms were paid to the cybercriminals behind WannaCry, but the exact number of delivered decryption keys was never revealed. Government agencies believe it was all just a smokescreen for a different computer threat: data deletion.
In 2017, a data wiper infected more than 1 million computers in Ukraine.
At least 2,000 Ukrainian companies suffered a massive data wipe due to Nyetya malware in 2017. Among several malware attack vectors, Nyetya used a code vulnerability called EternalBlue and found its way onto computers via tax software that most of these companies used at the time. Hackers deployed it through an automated update tool, which by itself didn’t look suspicious. Malware infection statistics from that period clearly show that retail was the worst-affected target.