Home 20+ Malware Statistics You Need to Know in 2023

20+ Malware Statistics You Need to Know in 2023

Jeff Beckman Tech Writer Author expertise
In our content, we occasionally include affiliate links. Should you click on these links, we may earn a commission, though this incurs no additional cost to you. Your use of this website signifies your acceptance of our terms and conditions as well as our privacy policy.
In This Guide

Like a hydra with endlessly regenerating heads, malware haunts the computer industry. Cybercriminals and hackers evolve daily, conjuring insidious new tactics and techniques to plague our digital lives. The sector has weathered wave upon wave of attacks over the past two decades, suffering substantial losses at the hands of these relentless foes.

Malware is the deadly venom that fuels this hydra. These viruses worm their way into computers, servers, and networks, unleashing chaos once embedded in their hosts. Cybercriminals wield malware to pillage and plunder, extracting sensitive information and data from helpless victims through compromised computers and mobile devices. An infected computer suddenly slows to a crawl, crashes unexpectedly, refuses to restart, or even shuts down independently.

The onslaught only intensifies with each passing year. Experts predict 300,000 malware instances will be generated daily in 2023 alone, with email distributing 92% of these infectious payloads. Detection lags far behind, taking an average of 49 days to uncover each new threat.

As malware proliferates at a breakneck pace, we must remain vigilant. Understanding the scope of this epidemic arms us for the endless fight ahead. We may not slay the hydra, but with knowledge, care, and vigilance, we may at least hope to withstand its fury. This article will delve into some eye-opening malware statistics, shedding light on today’s cybersecurity challenges and emphasizing why our digital assets matter more than ever.

Must Know Malware Statistics

Must Know Malware Statistics

1. Employees with Malware are Spreading the Virus Widely.

Malware is found on computers, and being a virus, it can spread from one machine to another. Statistics show that 61% of organizations in 2020 saw massive malware attacks that spread from one employee to another. In 2021, about 74% of organizations were victims of this spread; by 2022, the figure rose to 75%. This was the highest rate recorded since the SOES survey started in 2016.

2. Frequent Ransomware Attacks Disrupted Business.

When hit by ransomware, businesses are always in danger of being affected. According to estimates from 2020, 51% of organizations had a significant ransomware assault that involved their operations. About 61% of organisations experienced the same loss by 2021.

3. Businesses in the United States are more Cyber-resilience.

Some organizations and enterprises have acquired thick skins and are well-prepared for these attacks due to the daily surge in cybercrime and ransomware attacks. According to statistics, American businesses are well prepared, with 47% implementing real cyber-resilience. However, just 21% of Netherlands and Western Europe businesses have implemented cyber-resilience measures to prevent intrusions.

4. 70% of Organizations Have an Understaffed Cybersecurity Team.

Many organizations have become fixated on cybersecurity people due to increased cybercrime. These teams of experts aid in the identification and defense of businesses against fraud and cybercrime. According to a study, 69% of cybersecurity professionals thought their organization’s cybersecurity team was understaffed in 2022. In-depth research revealed that 47% of respondents said their company was slightly understaffed. Conversely, 15% of respondents said their companies had a severe staffing shortage.

In addition, 34% claimed they were seriously understaffed, while 3% thought they were severely overstaffed. Since thieves have refused to stop, there is an increasing need for cybersecurity experts every year. Given the scarcity of employees with the necessary skills, this demand appears to outweigh the available supply.

It’s no news that the trends of malware are changing rapidly. In Q2 of 2022, research showed that malware for hire kept evolving. Daily organizations keep developing cross-platform malware to counter any system under possible attack.

6. In Q1 2022, About 270,000 New Malware Variants were Detected.

The source found 270,228 new malware varieties in the first quarter of 20221.

7. Phishing Sites are Now on the Increase.

We often get strange emails requesting us to click and send certain information about ourselves for a prize to be won. Once the information is supplied, they are mailed to fraudsters, and you’re at a risk of theft- phishing. Phishing sites are sites that look exactly like the official version of a website. A common example is PayPal; hackers use this mimicked site a lot to gain access to users’ credentials. 

Another group of sites prone to phishing are the banking and social media sites. A criminal will send you an email claiming to be a bank and trick you into revealing sensitive information about your account that could be used for theft. In 2019, statistics reported that Bank of America phishing rose above 34%, which made it the most spoofed bank of the year. Facebook, Instagram, LinkedIn, and Twitter are a few other platforms phishers operate through. 

8. Google Squashes Harmful Sites.

Google is one of the largest browsing engines on the internet. Due to the daily increase in cybercrime and malware, it put in place measures to protect its users from hackers and fraudsters. One of the measures is “safe browsing,” which pops out browser warnings when users try to access a dangerous site. As of August 7, 2022, research reported that about 3.849 million browser warnings popped out to users attempting to access hazardous websites. Also, about 1.6 million users saw signs in their search results that spelled out they were about to visit a dangerous site. Google keeps improving in identifying hazardous websites and taking them off results. In the last decade, the figure of warnings has drastically reduced. 

9. The Figures for Malware Attacks are on the Increase.

It is not breaking news that there will be an upsurge in malware attacks because cybercriminals never sleep. Attacks decreased slightly from 2015 to 2020; however, by 2022, malware attacks had increased to 10.4 million annually, making the fall temporary—the same as in 2018.

10. The New Variants of Malware are Decreasing by the Year.

Research on malware statistics by SonicWall indicated that there were 5.4 billion attacks in 2021. This suggested that malware attacks will slightly decline in 2020. 2.75 billion attacks were made in Q1 2022, and 112.3 million were made in Q2 2022.

11. Domain Generation Algorithms (DGAs) Obstruct Malware Alleviation Efforts.

Domain-generating methods are used to produce a large number of domain names automatically. These domain names serve as points of control and access for the malware box that is actively spreading malware. Domain generation methods also hinder attempts to reduce malware. This is why dismantling botnets is difficult. According to statistics, over 40 malware families—among them the well-known ones, Emotet, Mirai, and CCleaner—use DGAs. The source found more than 171 million domains randomly generated in 2019.

12. The Most Impacted Country with Malware Infection Via Mobile is Iran.

Over a fourth of mobile users in Iran were impacted by the most malware threats among Kaspersky mobile security users in 2022. However, there was a 10% reduction compared to the prior quarter.

Alarming Malware Statistics

Alarming Malware Statistics

13. Ransomware and IoT Malware are the Most Common.

Attacks using ransomware have dropped from 50.5 million in the first half of 2021 to 40 million monthly, but due to COVID-19, it increased.

14. As Cryptocurrencies Rebound, Cryptojacking Rebounds Too.

In the first half of 2022, compared to 2021, crypto-jacking—the illicit use of another person’s computer resources to mine cryptocurrencies—has surged by more than 30%.

15. The Shutdown of  Coinhive Revealed its Shocking Contribution to Cryptojacking.

Coinhive is a cryptocurrency miner that hackers and cybercriminals use to steal computational resources to earn cash in the form of Bitcoin. It was initially a respectable mining service until cybercriminals adopted it. Coinhive was founded in 2017 and voluntarily shut down in March of 2019. According to research, cryptojacking decreased by 78% on the cybersecurity monitoring network following the suspension of Coinhive.

16. Hackers’ Favorite Ransomware Tool is Cerber.

Cerber is a ransomware application that uses ransomware-as-a-service (RaaS) to encode files, hold them hostage, and demand a ransom. In 2017, research gathered that some RaaS was extremely affordable (< $40), while others exceeded $100 to buy and utilize.

17. In 2022, Cerber was the Top Ransomware Signature.

Cerber was the most common ransomware signature in the first half of 2022. Previously, Ryuk had defeated it to second position, but by the first half of 2022, it had recaptured the top spot. When the tables are turned, Cerber is present in more than 42 million infections.

18. The Log4j Breach Reveals Threats Can Come From Any Angle.

The Apache logging framework Log4j records events, routine system operations, and failures. In 2021, a well-known logging tool had a bug. As a result, hackers could run code on the affected systems. One felt the enormity of this gap. Even though a simple fix was found, it brought attention to the value of routine software updates—moreover, an effective cyber-resilience plan.

19. Universities are Still the Top Targets.

It’s common knowledge that universities make excellent targets for online thieves. When it attacked the IT infrastructure of the UCSF School of Medicine in 2019, ransomware attacker Netwalker gained notoriety for the University of California. The medical team’s main focus was finding a cure for COVID-19. Financial documents were the target of Netwalker’s $3 million ransom demand. Even though the attack wasn’t entirely successful, Netwalker nonetheless withdrew a $1,140,895 ransom from the pharmaceuticals group to repair the harm done. 2020 saw the BBC citing Netwalker as the perpetrator of two related targeted cyberattacks

20. Enterprises are the Most Common Target for Ransomware.

In Q2 2022, professional services were the common targets for ransomware. Next was the public sector, healthcare organizations, and software services, with 14.4%, 10%, and 9.4%, respectively. Financial institutions were significantly less common and dropped from 8.9% to 6.4% in 3 months.

21. Educational Establishments Often Pay Huge Ransoms.

As mentioned earlier, universities are more prone to ransomware attacks and are willing to pay hugely to rectify whatever damage is caused by the attackers. In 2019, the University of California was a victim while its medical team was on a project to find a cure for COVID-19. Although not 100% successful, they laid their hands on a few financial records and negotiated a Bitcoin ransom equivalent to $1,140,895. The same year, Maastricht University paid €200,000 to attackers, although this ransom was later recovered. Also, the University of Utah paid $457,000 to decrypt locked data by ransomware. In many cases, even after payment, victims don’t usually regain access to their files. 

22. Payment Demands of Ransomware are Increasing in Size.

Hackers prefer ransomware to any other virus or malware because of its payoff. It tends to fluctuate in size daily, always trending upwards. Statistics reported that by Q2 2022, the average ransom payment was $228,125, with a mean of $36,360.

23. About 30% of New Malware Detections Used Microsoft Office Files and PDFs.

For PC devices, Microsoft Office documents and PDFs are required. They account for a considerable amount of malware, with PDFs being the most common.

Malware Prediction for 2023

Malware Prediction for 2023

From the malware statistics gathered for 2022, it’s expected to see a few of the following for the remaining months of the year. 

  • Sites infected by malware will likely fall out of interest and decrease in volume.
  • Larger enterprises will continue to be the major target for cybercriminals. They foresee the hope of receiving a huge one-off payment. 
  • Ransomware payments will continue to be on the increase
  • Cryptojacking threats will also be on the increase. 

No one knows which new threat may emerge or how the malware statistics landscape will shift. Major security companies have reported that activities tend to increase in Q4 of most years.


For years, antivirus has been a sore throat. There is no telling when cybercrime and ransomware will be eradicated. Organizations are increasingly trying to decrease the frequency and severity of these attacks. Furthermore, every internet user must be wary of this threat by incorporating countermeasures to such attacks and their disruptive products.


How does cybersecurity track malware?

Which is the most common malware in 2023?

What is the median ransomware demand in 2023?


Jeff Beckman Tech Writer

Jeff Beckman Tech Writer

Jeff Beckman is a content writer and copywriter with 5+ years of experience in technology. He provides enjoyable, educational content through his experience working for various publications.