Malware Statistics in 2022: The Evolving Cyber Threat

Malware statistics in 2022 have demonstrated a serious financial loss for organisations and individuals. Malware, also known as a malicious software is designed to damage or disable computers and computer systems.

The malicious software can be spread in a number of ways, including email attachments, file sharing, and malicious websites. There are a variety of different types of malware, including viruses, Trojans, spyware, and adware. Malware can have a number of serious consequences for businesses, including data loss, system damage, and financial loss.

Cybercriminals often use malware to steal sensitive information or to extort money from businesses. It is important for CFOs and security professionals to be aware of malware and it’s several forms. Therefore, steps need to be in place to protect computers and networks safely. So, what do we know about malware in 2022? Keep reading to find the latest statistics.

Author’s Top Picks

80% of malware has increased in new malicious software on Macs.
The top 5 countries affected by targeted malware attacks were the U.S., India, Japan, Taiwan, & Ukraine.
49% of non-point-of-sale malware was installed via malicious email.
In 2020, 61% of organisations experienced malware activity that spread from one employee to another.
Trojans account for 64.31% of all malware attacks on Windows systems, followed by viruses at 15.52%.

Malware statistics

1. The number of new mobile malware variants increased by 54% in 2017.

Malware threats in the mobile space continue to grow year-over-year, with no end in sight. This is a trend that is only going to continue, as more and more people use their mobile devices for everything from banking to shopping to social media.

Source: Norton

2. 80% of malware has increased in new malicious software on Macs.

Malware is a type of software designed to harm or disrupt computer systems. The malware problem has become increasingly serious for Mac users in recent years. Security incidents can lead to the disclosure of confidential information, financial loss, and legal liability.

Source: Norton

3. According to a survey conducted by BitDefender from January to June 2009, "trojan-type malware is on the rise, accounting for 83% of the global malware detected in the world".

Trojan horse malware is a particularly insidious type of malware that masquerades as a benign program or file to access a computer system. Once it has gained entry, it can be used to damage systems, steal data, or allow someone else to take control.

Source: Samsung

4. BitDefender has stated that approximately 15% of computers are members of a botnet, usually recruited by trojan infection.

While Trojan horses are typically spread via email attachments or malicious websites, they can also be spread by worms. BitDefender, the anti-virus company, states that Trojan horses are becoming more common.

Source: V Skills Certified

5. The top 5 countries affected by targeted malware attacks were the U.S., India, Japan, Taiwan, & Ukraine.

Malware statistics demonstrate that attacks are common and can spread from business to business. According to data, Norton reports that hundreds of organisations are hit with targeted attacks from a range of countries. The United States was the country most affected, totaling approximately 303 attacks between 2015 and 2017.

Source: Norton

6. In 2000, a Trojan called ILOVEYOU became the most destructive cyberattack in history at the time, with damages estimated up to $8.7 billion.

All it takes for a Trojan to activate is a click of a button. The most destructive cyberattack occurred when recipients received an email with text attached “ILOVEYOU”. The malicious software was initiated when recipients opened the attachment, which caused script codes to be overwritten on every email in the user’s contact list.

Source: Malwarebytes

7. In fact, Malwarebytes detects all known Trojans and more, since 80% of Trojan detection is done by heuristic analysis.

Adware and malware are a constant threat to computer users. While many free programs can detect and remove these malicious files, they can be difficult to spot.

Source: Malwarebytes

8. An unprotected computer is likely to be attacked within an hour after connection to the Internet.

It is estimated that the average time between the exposure of a vulnerability and the creation of an exploit is 6.8 days. This means that an unprotected computer is likely to be attacked within an hour after being connected to the Internet.

Source: Australian Institute of Criminology

9. Malware software is estimated to have infected over 3.6 million computers in the USA, including machines owned by NASA, Bank of America and the US Department of Transportation.

The Zeus/Zbot malware package is a client-server program with deployed instances calling back to their home base, the “Zeus Command & Control” centre. They are also considered to be one of the top malware in 2022.

The Zeus software allows hackers (and possibly others) to access your computer and loot its information. The estimated number of computers infected in America alone surpassed 3 million – including ones owned by NASA or Bank Of America as well as various departments within the Department of Transport.

Source: Imperva

Computer virus statistics

10. 100,000 groups in at least 150 countries and more than 400,000 machines were infected by the WannaCry virus in 2017, at a total average cost of $4 billion.

On May 12, 2017, a massive ransomware attack known as WannaCry began spreading across the globe. Within hours, 100,000 groups in 150 countries had been infected, with a total of 400,000 machines impacted.

Source: PurpleSec

11. 49% of non-point-of-sale malware was installed via malicious email.

A computer virus is a type of malware that is designed to spread from one computer to another. One of the ways that businesses can be exposed to the computer virus is through email. It only takes one person to open an email attachment or click on a malicious link to unwittingly infect their computer.

Source: PurpleSec

12. Over the last year, Mac operating system malware increased by 165%.

Malware attacks can occur on any device such as mobile, computers or even printers. Even with Mac’s defensive systems in place in their operating systems, they are still being attacked with updated malicious software.

Source: G2

13. Recent computer virus stats show that 53% of viruses are spread by .exe files, with .pdf files only accounting for 6%.

This is largely due to .exe files can be automatically executed by many programs, whereas .pdf files require the user to take action to open them. As a result, it is important to be cautious when opening any type of file from an untrusted source.

Source: G2

14. More than 6000 new computer malware-viruses are created and released every month.

Computer viruses are a serious threat to businesses and CFOs. More than 6000 new viruses are created every day, and old ones are continually evolving to become more sophisticated and more difficult to detect.

Source: Geeksforgeeks

15. Facebook will pay $500 to a person, who will find a vulnerability in its system.

To boost security, businesses often test their security systems to make sure they are defended against sophisticated targeted attacks. The social media giant Facebook is offering a hefty reward to anyone who can find a vulnerability in its system. In doing this, Facebook is hoping to encourage people to report any potential security risks before they can be exploited.

Source: Geeksforgeeks

16. In 2020, 61% of organisations experienced malware activity that spread from one employee to another.

It has been reported that employees are now spreading malware to other workers through different means. This could be because phishing attacks have become more sophisticated, while at the same time working from home may bring about distractions that lead people to behave erratically online.

Source: Comparitech

Trojan statistics

17. Trojans account for 64.31% of all malware attacks on Windows systems, followed by viruses at 15.52%.

Trojans known as Trojan Horse are malicious programs that disguise themselves as legitimate software to trick users into installing them.

Source: G2

18. In Q2 2021, Kaspersky products and technologies protected 97,451 users from trojan attacks.

Kaspersky’s products and technologies help to protect users from trojan attacks by detecting and blocking the malware before it can infect their system. With the number of trojan infections increasing, businesses and individuals must be cautious as infections are commonly spread through email attachments or infected websites.

Source: Securelist

19. The top 5 countries attacked by Trojans (malware) were Bangladesh, Ethiopia, China, Pakistan & Egypt.

According to Kaspersky, trojan attacks increased by 3.5 per cent in the past year. This malicious software has spread across the globe attacking locations like China, Bangladesh and more. No country is safe, therefore cybersecurity must be a number one priority.

Source: Securelist

20. There were more than 38,000 mobile banking Trojans detected last year.

A common objective for cybercriminals is to attain financial gains. Their strategy when attacking the financial industry is by using a Trojan horse to gain access to sensitive banking information. CFOs are hit hard when these attacks occur and can have a serious financial impact on the business.

Source: Nira

21. Trojans account for 58% of malware attacks.

When it comes to malicious software, Trojans are the most common. Almost 6 to 10 pieces of computer malware fall into the Trojan horse category. They are also becoming more and more experienced in attacking different sectors of business.

Source: Nira

22. In 2020, 70% of the 52% of attacks that went after financial institutions came from the Kryptik Trojan malware.

According to the Hub Security 2021 report, 70% of the 52% of attacks were Trojan malware. This attack targeted the Financial & Insurance sector.

Source: AFCEA

23. More than 68,000 new ransomware Trojans for mobile were found in 2019.

Ransomware attacks and employees accessing sensitive information from their mobile devices pose a risk to company data. To protect company data, it is important to have resources available and to avoid paying ransom.

Source: AFCEA

Spyware statistics

24. About 80% of all Internet users have their systems affected by spyware.

CFOs are under constant threat from cyber attacks. One of the vast majority and dangerous attacks is known as spyware. Spyware is one form of malware that is installed through email or a website on a CFO’s or employee’s computer without their knowledge.

Source: Malwarebytes

25. Overall business detections of malware rose 79% from 2017 due to an increase in backdoors, miners, spyware, and information stealers.

From 2008 to 2019 malware infections saw a significant increase from 12.4 million to 812.67 million according to Purplesec. Viruses and infections are adapting to the modern business landscape with software types becoming smarter and harder to detect.

Source: PurpleSec

26. Small and medium-sized organisations have "major problems" with spyware - representing 40% of all security downtime costs.

CFOs in small and medium-sized organisations are all too familiar with the high cost of downtime caused by “malware” security breaches. A recent study found that malware now represents 40% of all security downtime costs across all industries – and the problem is only getting worse.

Source: Adaware

27. 86% of adults are unaware of stalkerware or have only heard the name, meaning only 14 per cent are familiar with spyware or creepware.

Stalkerware can be installed on a victim’s phone without their knowledge and used to track their movements, listen to their conversations, and even remotely activate the camera. Stalkerware can be used in offices to steal confidential information or gain access to critical data.

Organisations can prevent stalkerware from being stalled by installing security applications to scan for malware or stalkerware apps.

Source: Norton

28. Malware and spyware present the highest cost damages for organisations, followed by data breaches.

When it comes to evaluating the true cost of digital fraud a combination of factors is involved. Other than the loss of data, disruption of business and reputational cost. Financial damages and impacted cash flow is hit hard on organisations and greatly impact CFOs.

Source: Parachute Cloud

Scareware statistics

29. In 2006, Microsoft and the Washington State Attorney sued an alleged spyware company.

Microsoft Corp. and the Washington state attorney general have filed lawsuits against anti-spyware software vendor ‘Secure Computer LLC’, claiming that their Spyware Cleaner product not only fails to remove spyware as advertised but also makes changes on your computer making the user more vulnerable.

Source: Norton

30. More than 60 countries were affected to buy more than $100 million worth of scareware software.

Unfortunately, there are scammers and cybercriminals who try to get you into their fake antivirus software with a seemingly genuine security warning. Once installed, the software could compromise your computer giving the scammer access.

Source: Federal Bureau of Investigation

31. In 2010, the website of the Minneapolis Star Tribune newspaper was attacked by cybercriminals and managed to make $250,000 before being arrested.

The newspaper website Minneapolis Star Tribune had served ads that were created with malicious intent. This directed users to a fake website that had prompted them with a pop up informing them that they had been infected.

Source: Fortinet

32. In March 2019, Office Depot and tech support, “Support.com” conducted a support scam.

The Office Deport and its tech support vendor agreed to pay for a settlement worth $35 million due to deceiving customers into downloading a free PC Health Check Program. In this case, there was no malicious intent. However, it was used to drive sales of the tech support vendor while the software did not operate with full functionality.

Source: Forcepoint

33. ChronoPay, a Netherlands-based company that was once hailed as Russia’s largest online payment processor, was tied to various scareware schemes.

According to a report by Krebs on Security, ChronoPay, an internet payment service provider, was exposed by owning scareware companies and had paid for their domain names and other operations. The leaked records also depict how vigilant ChronoPay had worked in order to sustain these unethical work ties.

Source: Sectigostore

Worm statistics

34. Computer Worms Infected 10% of the Internet.

In the late 1980s, the “Morris Worm” was notably a notorious computer worm that had infected 1 in 10 internet-connected computers at the time. Thousands of other worms have since emerged, though none have compared to the Morris worm in terms of infectability.

Source: Logix Consulting

35. Conficker, a 2008 worm, infected millions of computers and created vast botnets.

Bot worms are designed to turn computers into zombies or bots, which can be used in coordinated DDoS attacks through botnets. Conficker infected millions of internet users and created vast pools for malicious purposes with its 2008 worm outbreak.

Similar to computer viruses, bot worms are malware infections that are capable of duplicating themselves and spreading between computers. This can be very troublesome to organisations as a typical bot attack can last up to weeks or months.

Source: Cybereason

36. Computer worms have caused billions of dollars in damage over the past decade.

The Stuxnet computer worm was discovered in 2010 and created by the United States and Israel in order to target the Iranian nuclear power plant. The computer worm was successful and caused billions of dollars in damages by crashing 984 centrifuges in the facilities of the power plant, setting back production capabilities by 2 years.

Source: Veracode

37. In 2007, the Storm Worm infected over 1.2 billion emails that were sent over the course of 10 years.

Malware created in 2007, called Storm Worm, sought to take advantage of people’s fear and panic during times when they are most vulnerable. The email virus tells recipients that their computers have been taken over by hackers, who will then demand money or passwords for access. If no response is received within 24 hours, the hackers will threaten legal action.

Source: Software Lab

38. "Phatbot" spread to millions of computers in 2004.

Phatbot is a computer worm that has been known to cause extensive damage to systems it infects. The worm spreads by taking advantage of security vulnerabilities in Windows systems, and once it has infected a system it can give the attacker complete control over the PCs and devices.

Source: Slashdot

39. The Flame virus was discovered in 2012 and is regarded as one of the most sophisticated computer worms ever found.

The Flame virus, a deadly computer worm created as part of an international cyber program, shares many similarities with the Stuxnet worm. The Flame virus was designed to disrupt Iran’s nuclear weapon program by infecting thousands of computers and causing billions of dollars in damage. The virus continued to spread across the Middle East after it was first released.

Source: Veracode

40. The SQL Slammer computer worm infected roughly 75,000 victims in only 10 minutes.

There are different types of computer worms such as email worms, instant messaging worms, file sharing worms & internal worms. The SQL slammer was notably a destructive computer worm that targeted Microsoft’s SQL server in 2003. The SQL slammer was highly effective, approximately infecting 75,000 individuals throughout the globe.

Source: Avast

Why Eftsure?

Why customers use Eftsure

Accounts Payable

By role

Learn

Company

Why Eftsure?

Why customers use Eftsure

Accounts Payable

By role

Learn

Company

Malware Statistics in 2022: The Evolving Cyber Threat

Table of Contents

Author’s Top Picks

Malware statistics

1. The number of new mobile malware variants increased by 54% in 2017.

Share statistics

Copy link

2. 80% of malware has increased in new malicious software on Macs.

Share statistics

Copy link

3. According to a survey conducted by BitDefender from January to June 2009, "trojan-type malware is on the rise, accounting for 83% of the global malware detected in the world".

Share statistics

Copy link

4. BitDefender has stated that approximately 15% of computers are members of a botnet, usually recruited by trojan infection.

Share statistics

Copy link

5. The top 5 countries affected by targeted malware attacks were the U.S., India, Japan, Taiwan, & Ukraine.

Share statistics

Copy link

6. In 2000, a Trojan called ILOVEYOU became the most destructive cyberattack in history at the time, with damages estimated up to $8.7 billion.

Share statistics

Copy link

7. In fact, Malwarebytes detects all known Trojans and more, since 80% of Trojan detection is done by heuristic analysis.

Share statistics

Copy link

8. An unprotected computer is likely to be attacked within an hour after connection to the Internet.

Share statistics

Copy link

9. Malware software is estimated to have infected over 3.6 million computers in the USA, including machines owned by NASA, Bank of America and the US Department of Transportation.

Share statistics

Copy link

Computer virus statistics

10. 100,000 groups in at least 150 countries and more than 400,000 machines were infected by the WannaCry virus in 2017, at a total average cost of $4 billion.

Share statistics

Copy link

11. 49% of non-point-of-sale malware was installed via malicious email.

Share statistics

Copy link

12. Over the last year, Mac operating system malware increased by 165%.

Share statistics

Copy link

13. Recent computer virus stats show that 53% of viruses are spread by .exe files, with .pdf files only accounting for 6%.

Share statistics

Copy link

14. More than 6000 new computer malware-viruses are created and released every month.

Share statistics

Copy link

15. Facebook will pay $500 to a person, who will find a vulnerability in its system.

Share statistics

Copy link

16. In 2020, 61% of organisations experienced malware activity that spread from one employee to another.

Share statistics

Copy link

Trojan statistics

17. Trojans account for 64.31% of all malware attacks on Windows systems, followed by viruses at 15.52%.

Share statistics

Copy link

18. In Q2 2021, Kaspersky products and technologies protected 97,451 users from trojan attacks.

Share statistics

Copy link

19. The top 5 countries attacked by Trojans (malware) were Bangladesh, Ethiopia, China, Pakistan & Egypt.

Share statistics

Copy link

20. There were more than 38,000 mobile banking Trojans detected last year.

Share statistics

Copy link

21. Trojans account for 58% of malware attacks.

Share statistics