65+ Malware Statistics, Attack Trends, and Causes for 2024

Malware, or malicious software, is a big problem for computer users everywhere. The damage it does goes beyond stealing personal information or controlling your device. There are financial losses, too, in fines or resources required to fix it. Every year, malware affects so many people, which costs a lot of money to fix.

Some companies use malware analysis software to isolate and test malicious programs. Others deploy various security solutions to keep malware at bay. The statistics below show attack trends on a year-over-year (YoY) basis, along with causes and the actual cost of dealing with attacks. 

Top malware statistics

These statistics focus on how malware spreads, why, and the frequency with which it spreads. They answer most of the questions that are top of mind for cybersecurity folks. 

• In 2021, 74% of companies saw malware spread from one worker to another. By 2022, this issue troubled 75% of companies. More phishing and distracted employees might be why malware spreads.  
• 35 out of every 100 companies say they had problems with cyberattacks because their online security wasn't strong enough. 
• Over 40 malware types use domain generation algorithms (DGAs), making them hard to stop.
• Every day, 560,000 new malware threats emerge.
• Ransomware is the most common type of malware. The rate of ransomware crimes rose by 68% in 2023.
• Ransomware hits four businesses each minute, with Trojans being the most common culprit.
• Google finds 50 malicious websites weekly.
• Almost 1 in 2 computers in China is infected with malware.
• The healthcare, finance, and retail sectors are highly malware-prone.
• Over 50 fake apps mimic ChatGPT in order to deliver malware.
• 80% of internet users have encountered spyware.
• Hackers often use email phishing because they can target many people at once. Every 1 out of 6,000 emails could lead you to a dangerous website that may lock your computer until you pay up.
• Cerber ransomware was the most detected in 2022, even offering a “ransomware as a service” model.
• CryptoLocker is the most common ransomware strain, having affected 52% of surveyed victims or their clients.
• Approximately 95% of companies in Canada were at risk of a material cyberattack in 2023.
• 70% of organizations have reported users being served malware ads on their browsers.

Malware prevention statistics

Software alone can’t do much if a company doesn’t have a plan or a team to protect its assets against malware. These statistics highlight the ways businesses approach malware prevention. 

• Nearly half of US businesses have a plan for managing cyberattacks. But in the Netherlands, only 21% of companies are prepared.
• 34% of cybersecurity experts said their staffing was sufficient, with only 3% saying they have more than needed.
• Universities are prime targets for ransomware. The University of California, San Francisco (UCSF) paid over $1 million to Netwalker.
• 93% of computers already have the necessary components for spyware activation. 
• 63% of organizations regained access to their data after paying a ransom, but there's no data recovery assurance. On the brighter side, 84.5% of organizations that didn’t pay the ransom managed to recover their data within a year.

Year-over-year malware attack trends

Malware attacks are on the rise, along with the frequency and magnitude of these attacks. Let these stats show you the recent trends in recent years.

• The US is a prime target, suffering over 4,000 ransomware attacks daily since 2016.
• Globally, there were 304 million ransomware attacks in 2020 – nearly 578 incidents every minute.
• Malware and virus variants have jumped by 62% since 2020.
• Ransomware victimized 68.5% of businesses worldwide in 2021, a significant increase from previous years.
• Malware attacks rose to 10.4 million per year in 2021. 
• Ransomware attacks dipped to 40 million monthly in 2022 from 50.5 million in early 2021.
• The first half of 2022 saw 2.75 billion malware attacks.
• Professional services are the top target for ransomware, making up 21.9% of attacks in Q2 2022.
• In 2022, 550 US healthcare breaches occurred, some ransomware-related.
• Malware attacks reached 5.5 billion in 2022.
• India, Austria, and the United States are among the top countries affected by ransomware – 68% of Indian organizations experienced attacks in 2022!
• In Q3 2022, malware was used in 57% of cyberattacks on organizations and 52% on individuals. 
• Ransomware attacks surged by 64% in the second quarter of 2023 compared to Q1.

Statistics for the causes of malware attacks

A seemingly harmless PDF file or an executable file can be torchbearers of malware at your company. The stats below speak to this claim. 

• Phishing emails are the leading cause of ransomware infections, followed by poor user practices and a lack of cybersecurity training.
• 172 million random domains were used for malware control in 2019, according to SonicWall.
• Malware often hides in Microsoft Office files and PDFs. PDFs are involved in 18.27% of cases, but executable files are still the most common malware, followed by scripts.
• Amazon was the most impersonated brand in 2023.
• 98% of web applications are vulnerable to malware attacks and redirection to malicious websites.
• 54% of organizations are most likely to suffer from ransomware, while 46% of individuals get targeted by spyware.
• 53% of attacks on organizations involve confidential information leaks, compared to 64% for individuals.
• 38% of malware is disguised as a fake Word document.
• 8 out of 10 organizations believe they are at malware attack risk due to carelessness from their employees. 
• 93% of businesses say they have experienced a work email getting compromised because of employee negligence.

Mobile malware attack statistics

Malware doesn’t solely invade computers and laptops; it affects mobile devices, too. Explore the statistics below to understand their frequency and impact on mobile devices.

• Iran had the most mobile malware attacks in Q2 2022, at 26.91% of users, down from 35.25% in Q1 2022. 
• 50 times higher is the risk of malware for Android devices compared to iOS. 
• New mobile banking trojans doubled to 200,000 in 2022.
• Half of mobile malware is delivered via adware.
• Malware was used in 67% of mobile attacks in 2022.
• A total of 5,704,599 mobile malware and adware attacks were blocked in Q3 2023.
• A total of 370,327 malicious installation packages were detected. 59,167 packages were related to mobile banking Trojans, and 1318 were mobile ransomware Trojans.

Cost of dealing with malware

These statistics show the financial side of addressing a malware attack in your organization. Use them to pick the right cyber issuance policy and invest wisely in the cybersecurity program to keep yourself safe. 

• Ransom demands are climbing, with an average of $228,125 per incident in mid-2022.
• The cost of cyber security threats and crimes amounted to approximately $8 trillion in 2023.
• Ransomware costs dipped slightly to $4.54 million per incident.
• Data breach costs averaged $4.24 million. They took 287 days to contain.
• Ransomware surged as average payments hit $570,000 in 2021.
• Ransomware's average demand was $111,605 in 2020.
• Hackers aim for one thing with ransomware: money. And it's working, as victims paid over $590 million in just the first half of 2021. The ransomware business itself is valued at $14 billion.
• 42% of companies report that their cyber insurance policies only cover part of the damages.
• 48% of organizations say they have experienced information theft via malware.

Numbers don't lie

Malware is a serious problem that affects anyone. But the good news is you can use simple security steps to protect against malware from spreading. 

Keep your software current, employ antivirus software, and be conscious while using emails and downloading attachments. Stay informed and reduce your risk of becoming a victim of a malware attack. 

Check out our cybersecurity trends and projections, and stay protected from malware in 2024.