More and more devices are connected nowadays, risking the safety of our finances, privacy, and personal data. Infectious codes like malware, malicious software, and viruses pose a real threat both to businesses and individuals.
In most cases, malware cannot damage your hardware (though some crypto mining malware can destroy devices, but more on that later). It will, however, mess up your data by stealing it, encrypting it, or deleting it. Some malware can also hijack your processor and power resources, change core functions, or spy on your online activities.
Learn about the newest threats and trends in these malware statistics to see what you ought to keep an eye on in 2019. Stay safe.
Top 5 Malware Stats to Remember
The AV-TEST Institute registers over 350,000 new malicious programs, malware, and unwanted programs per day
Every 7 seconds a new malware is released
The most affected country is Algeria, where 32.41% of computers are infected by malware
According to a McAfee study, malware revenue can reach $1 billion by 2020
In just a single month in 2018, 57,000 new malware threats were detected
1. Between December 2018 and January 2019, malware activity has increased by 61%.
The increased activity was noticed with malspam (or malware spam, i.e. the malware that’s delivered via email) and across multiple malware categories. WannaCry—a ransomware worm that targeted PCs running Windows—took the lead among these.
2. The AV-TEST Institute registers over 350,000 new malicious programs, malware, and potentially unwanted applications every single day.
This should give you an idea of just how many threats are created each day—and the numbers are alarming. The total distribution of threats over the last year was 77.70% for malware, and 22.30% for potentially unwanted applications (PUA).
3. New malware is released every 7 seconds.
Just in the first half of 2018, the amount of new malware was already equivalent to what had come out during the entirety of 2017, and that’s scary. It’s not too surprising, though, since it’s the costliest type of cyberattack for businesses and individuals alike.
4. In just one month in 2018, 57,000 new malware threats were detected.
If you want to know how many computer viruses are released every month, you can start here. Even though cybercriminals aren’t changing the basics of their operations, they constantly have to update their black hat portfolio and are always one or several steps ahead of security systems.
5. The cost of malware attacks increased by 11% over 2018.
The overall price of cyberattacks is on the increase across the board, but so far malware shows the fastest growth. The priciest attacks are web-based attacks and malware programs. The cost of ransomware and malicious insider attacks is increasing at the fastest rate, but both are still tagging along behind malware.
6. In Accenture’s analysis of almost 1,000 cyberattacks, malware was the most frequent one.
In many countries, it was also the most expensive type of cyberattack for organizations, as well as the priciest for various countries to resolve.
7. In 2017, 1 in 13 web requests led to malware, a 3% increase from 2016.
Symantec decided to test URLs for viruses, and they learned that 1 in 13 turned out to be malicious. In 2016, on the other hand, it was determined that 1 in 20 URLs were unsafe.
8. In 2018, the top 5 most successful anti-virus detectors were Bitdefender at 100%, McAfee at 98.8%, Trend Micro at 98.8%, Kaspersky Lab VIPRE at 99.8%, and Avast at 99.7%.
The computer virus stats are looking good, but beware. Only one successful attack needs to breach that wall, and your data is toast. Also, attacks like social engineering and some fileless techniques are either very difficult or impossible to detect this way.
9. The number of users who rely on free desktop security is 44%, a definite increase in the last couple of years.
There has been a drop in the number of users who have no antivirus software, which now only amounts to 0.5%.
The Different Examples of Malware
11. According to Sophos, “82% of malicious sites are hacked legitimate sites”!
12. Over the last year, Mac-related malware occurrences have increased by 270%.
Apple users ought to prioritize device security as soon as possible. New viruses for Mac are piling in, and you could be the next target. If you’ve been wondering, Can an iPhone get malware from the internet? you haven’t been paying attention. Even though Android is more likely to be attacked, your Apple phone is likely in dire need of some heavy-duty iPhone malware detection software.
13. Newly developed Windows malware samples have decreased by 3%.
Windows is still the main operating system for most users. This is what makes it an obvious target for attackers worldwide, making this one of the more notable malware statistics from 2018.
14. If mobile malware maintains its current pace, according to a McAfee study, its revenue could reach $1 billion by 2020.
While 2018 was the mobile-malware year, in 2019 malware became omnipresent in a way, even more so than before. Smart home tech is becoming more and more popular, and the growth seems to be so fast, companies have completely forgotten about anti-malware tests and security issues.
15. The app categories with the most malicious mobile apps are Lifestyle at 27%, Music & Audio at 20%, and Books & References at 10%.
Lifestyle seems to be the most targeted sector, and Android is more likely to be a target than iOS, mostly because of outdated operating systems. The Internet Security Threat Report details a huge increase in the amount of mobile malware, which is no surprise since users are now more likely to go online via mobile devices. Further down the line, the safer apps with lower risks of malicious malware are House & Home (5%), Art & Design (4%), and Education (4%).
16. In 2018, only 20% of Android devices were running on the newest major version of their operating system.
Running an outdated OS, as we can see among both desktop and mobile malware statistics, increases the risk of a malware attack.
17. There has been an 8,500% increase in coinminer detections.
With only a couple lines of code, hackers can hijack your computer processing power and cloud CPU usage. They then use these resources to further their coinmining gold rush. Coinmining is one of the fastest-growing recent malware threats. This criminal activity can cost individuals and companies a great deal, slowing down and overheating their devices. In the case of companies, they might suffer from potential downtime and a charge for CPU usage.
18. In 2018 over 4,200 websites around the world started hijacking visitors’ browsers to mine the Monero cryptocurrency.
In a recent crypto malware attack, over 4,000 websites—including several government sites—were compromised. The targets included the UK’s Information Commissioner’s Office, the US Courts information portal, Manchester’s city council, the Swedish police, the City University of New York, and many others.
19. There is a 92% increase in new malware downloader variants.
Downloader malware is a malicious program that downloads other malicious software. Once the device is infected, it gets silently attacked by other malware.
20. Manchester debuts with over 500,000 detections.
The VPN filter malware-bombed hundreds of thousands of small businesses and consumers with cyberattacks. The VPN and SamSam were still bested by the 2017 WannaCry and NotPetya malware attacks. As we’re seeing more and more, recent malware attacks have become increasingly targeted and more sophisticated.
21. 77% of the malware attacks that compromised organizations utilized exploits or fileless techniques.
One of the most important shifts in 2018’s malware trends was how .EXE files dropped in popularity when it comes to packaging and deploying malware. This one gives computer virus stats a bad name. Traditional antivirus systems that analyze executable files to find current malware threats can’t register or notice these attacks.
22. In 2018, the overall detection of banking Trojans decreased by 49% for businesses and 47% for consumers.
A MalwareBytes analysis of 2018’s threats discovered that banking Trojans—programs used to gain protected banking information—are on a sharp decline. However, the Emotet malware family has seen many modifications that help identify offline wallets for cryptocurrency, credentials, and other info.
23. The most popular mobile banking Trojan in 2018 was Trojan-Banker.AndroidOS.Agent.dq (at 17.74%).
Trojan-Banker.AndroidOS.Svpeng.aj closely followed with 13.22%. They used phishing windows and SMS phishing to steal your bank account info and online banking credentials. The banking malware rates are the highest in the US, with 0.79% of users attacked, followed by Russia with 0.7%. The other countries in the top 10 list show a huge drop, since Poland is the third most affected, with only 0.28% compromised users.
24. Spyware has dropped in detections in recent years by as much as 41%, becoming the fifth most prominent malware.
MalwareBytes reported spyware as having the most dramatic detection decrease for all malware. Among new malware threats, TrickBot was the top recent spyware, stealing cryptocurrency wallets from victims worldwide.
25. Backdoor malware also had a healthy increase in detections, jumping up by more than 440% on the consumer side.
Backdoor computer malwares—which bypass standard authentication procedures to gain unauthorized remote access to a computer—have skyrocketed on both the business and the consumer sides. A Vools backdoor malware campaign was the source of this spike, using the ETERNALBLUE SMB vulnerability from the overwhelmingly successful WannaCry attack.
26. Ransomware detections dropped in 2018 by 12% on the consumer side and 35% on the business side.
This doesn’t mean that ransomware is gone for good as a threat. Of all forms of malware, the most prolific ransomware is currently GandCrab. If you get infected, look for the decryptor on the NoMoreRansom website. If you were hit by an earlier form of the malware, you’ll be fine.
27. 2018 saw a sharp increase of 184% in adware.
The April increase over May gave away a persistent, active adware campaign. It’s unclear if further malware development is in store. Not even Mac computers are safe from adware, and Macworld claims that there are three adware infections per user hiding on a typical Mac.
28. The cost of a single hour of downtime for businesses is $100,000—and enterprises report that it costs them $1–$5 million.
As we can see from denial of service and malware statistics, downtime (or rather the time taken for disinfection) is clearly pricy and damaging to a business’s reputation.
29. Financial malware is 2.5 times more prevalent than ransomware.
Cybercriminals have gotten used to adapting quickly to industry changes, as current targets become too saturated or too well protected. The weakest link is still the end user, falling for social engineering attacks more often than for any known malware.
30. In 2018, 45.8 million records were stolen from in-person transactions using card-skimming malware and point-of-sale (POS) breaches.
Card-skimming malware has been getting more popular in 2018. Criminals mainly targeted retailers, hotels, and restaurants, including Chili’s and Cheddar’s Scratch Kitchen.
31. Cryptomining malware has impacted 37% of organizations throughout the world.
One of the biggest malware trends in the past couple of years, malicious cryptomining shows no sign of slowing down. This is surprising to a degree, since the value of cryptocurrencies has fallen.
32. 20% of companies continue to be exploited in cryptomining attacks every week.
A new malware attack happens every minute. With cryptomining attacks being the only ones that can damage your hardware, as well as your software in some cases, many people are concerned.
33. 24% of organizations worldwide were impacted by CoinHive, a Monero cryptocurrency miner.
As stated in the 2019 malware report by Check Point, this cryptomining malware has continued to grow on a global scale. The immensity of CoinHive can only be understood if compared to the overall global impact of cryptomining malware.
34. RubyMiner has attempted to exploit 30% of all corporate networks worldwide.
This new malware from 2019 has been targeting the Linux and Windows servers that are using outdated software, according to malware statistics gathered by Check Point researchers. RubyMiner plants the cryptocurrency miner XMrig on outdated systems to hijack your CPU processing power and stealthily mine Monero coins. The top five targets are the US, the UK, Germany, Norway, and Sweden—and apparently every other country, only not as much.
35. Malspam continues to dominate as the primary source of infection, delivering 47% of the top 10 malware notifications, even after seeing a three-month decline.
A new malware from a 2018 malspam campaign sends out emails that mention payments and contain a password-protected document named Invoice.doc. The password is only there to slow down your antivirus system, since you can easily find it in the body of the email. An information-stealing Trojan is enabled, which then downloads and executes Hermes 2.1 ransomware, encrypting your files.
36. Among the top 10 malware detections were Heur.AdvML.C at almost 23.4M, then Heur.AdvML.B at over 10.4M, and finally, JS.Downloader at a bit under 2.6M.
37. As many as 351,913,075 unique URLs were recognized as malicious by web anti-virus components.
According to the newest data by SecureList, executable files are becoming less of a problem compared to web-based malware. This threat ought to be your primary concern if you’ve been wondering, How is malware distributed?
38. The worst country when it comes to computer malware is Algeria, where a staggering 32.41% of computers are infected.
Uzbekistan seems to keep up the cryptomining industry all on its own, with 14.23% of users being infected. Vietnam is the least prepared for cyber attacks, while Algeria has almost no cybersecurity legislation whatsoever. Still, if you want to know what percentage of computers are infected with malware, it depends on the type of malware. Germany can be used as an alternate example—it has the highest number of financial malware attacks, where 3% of all users were impacted.
Your Apple device is not safe, your Android device is definitely not safe, and your work computer, protected by the most recent company malware detection programs is an easier target than you can imagine. A good antivirus system will protect you in most cases, but the bad guys need only succeed once to wreak havoc in your system. The hundreds, thousands, and millions of dollars you can use if you aren’t careful are only growing in volume.
With a surge in cryptomining malware, even your hardware is at risk of getting overheated or worse. With Trojan, adware, ransomware, and spyware roaming about, even your fridge and your healthcare institution’s MRI machine can turn on you. With regards to current malware statistics, the most important way to prevent damage is by using an up-to-date OS. And be sure to stay diligent and informed.