Introducing IaCConf 2025, the free virtual event for elevating your IaC skills

➡️ Register Now

General

50+ Malware Statistics for 2025

malware statistics

🚀 Level Up Your Infrastructure Skills

You focus on building. We’ll keep you updated. Get curated infrastructure insights that help you make smarter decisions.

Did you breathe a sigh of relief after 2018, when malware attacks seemed to have finally peaked? Attacks using malicious software (malware) to steal data, disrupt system operations, and cause other damage indeed declined after 2018, but it was only a temporary reprieve: Malware attacks are on the rise again. 

Read on to discover the most affected industries, the disastrous financial impact, common forms of attack, and the steps you can take to avoid becoming a target.

Top malware statistics

Malware Statistics
  • The average ransom payment increased 500% to $2 million in 2024. 
  • 59% of organizations were subject to an attack in 2024.
  • Even among small companies (<$10 million revenue), 47% were hit by ransomware in the last year.
  • The average cost of recovery from a malware attack reached $2.73 million in 2024 —  an increase of almost $1 million since 2023.
  • Payoff demands are growing — 63% of ransom demands are for at least $1 million, and 30% demand more than $5 million.
  • The most commonly reported root causes of attacks are exploited vulnerabilities (32%), compromised credentials (29%), and malicious emails (23%). 

Global malware attacks by volume

Malware reached an all-time high of 10.5 billion attacks in 2018, but after an initial decline, it has started to increase again. 

  • Daily new malware samples averaged between about 450,000 (AV-TEST figure) and 560,000 (Statista) in 2024.
  • By 2024, more than 1.2 billion distinct malware samples existed.
  • More than 100 million new malware strains were identified in 2023
  • The most active year for new malware strains was 2021, when 150 million were identified.

Malware attacks by region

Malware distribution varies significantly by region:

  • North America: About half of all global attacks — ~2.75 billion — took place in North America in 2022. This marked a 10% decrease from 2021.
  • Asia-Pacific: The Asia-Pacific region became a key target for malware attacks by 2023, following a 38% increase in 2022.
  • Europe: Malware attacks rose 10% in 2022.
  • Latin America: Malware attacks increased 17%.

Country-specific data

  • United States: As the country most targeted by malware, the United States accounted for nearly half of global attacks (~2.7 billion) in 2022, and ~45% of global ransomware attacks in 2023.
    • California was the state with the highest attack volume.
    • Kansas had the highest per-capita rate of attacks.
  • Vietnam: Vietnam experienced the highest per-capita rate of malware in the world.

Malware types and prevalence

Short for “malicious software,” malware takes various forms, all designed to damage data and computer systems or gain unauthorized access to a network. Trojans, worms, viruses, ransomware, spyware, adware, and crypto-jacking are all forms of malware. 

Trojans

Inspired by the Trojan horse of Greek mythology, ​​Trojans look like legitimate software and use this deception to gain access to networks. 

  • Trojans represent ~58% of all malware attacks.
  • The most common Trojans are banking Trojans, which steal login credentials and other sensitive information. They act as remote access Trojans (RAT), enabling the attacker to control the malware installed on an infected system remotely. 

Worms

Worms are self-replicating pieces of malware.

  • In 2022, worms represented the most blocked malware.
  • Webshell malware is a common worm. It enables cybercriminals to gain persistent remote access to compromised web servers, so they can execute arbitrary commands, exfiltrate data, and potentially launch more attacks later. The scripts are often installed by exploiting vulnerabilities in web applications or misconfigured servers. 

Ransomware

Ransomware encrypts files, with attackers demanding a ransom in return for decrypting the files. 

  • This is a particularly devastating and widespread crime, targeting 66% of organizations in 2022 and 59% in 2023.
  • Ransomware is a factor in 59% of financially motivated cyber incidents.
  • Common ransomware strains include WannaCry, LockBit, and Clop.
  • Double extortion tactics are becoming widespread. These involve the threat of publishing the encrypted files on the dark web, selling them to the highest bidder, or permanently restricting access. 

Spyware

Spyware tracks user activity.

  • It is often delivered as Trojans, which monitor user activities and steal sensitive data.
  • Among higher-education institutions,  77% of reported incidents involved spyware in 2023.

Adware and malvertising

Adware and malvertising are types of unwanted advertising with different delivery methods and potential risks. Whereas adware is a program that shows unwanted ads on your device, frequently bundled with other software, malvertising uses malicious ads to spread malware through compromised ad networks. 

  • Both adware and malvertising are common on mobile platforms, especially Android.
  • Malvertising increased by 42% in late 2023, with a marked impact in South/Southeast Asia.

Cryptojacking

Been cryptojacked? That’s when the attacker hijacks your computing resources to mine cryptocurrency.

  • By the end of 2023, there were more than 1 billion global incidents of cryptojacking, a figure that aligned with cryptocurrency market fluctuations.

Other notable trends

Here are some other noteworthy trends in malware.

  • Web shell backdoors rose to dominate malware families in early 2023. A web shell is a Web script installed on an openly accessible web server to give cybercriminals access to the web server as a gateway into a network.
  • First detected in 2014, the Emotet botnet is still a significant threat. 
  • Nation-state malware has seen staggering increases, most notably the 8,105% increase in cyberattacks targeting Ukraine in 2022.

Malware impact and costs

​​Malware can be disastrous for individuals and organizations. Costs include both direct losses, such as stolen data or ransom payments, and indirect costs, including lost revenue and reputational damage. 

Financial implications

Malware is now a huge financial drain on organizations worldwide. 

  • Global ransomware damages surpassed $30 billion in 2023.
  • In terms of individual attacks, the average data breach cost organizations $4.45 million in 2023, with breaches in the healthcare sector averaging more than $10 million.

Ransomware payments

Among ransomware victims, costs can include both the cost of the ransom and the losses incurred to recover from the attack.

  • The average ransom demand in 2024 reached $220,000, with median payments coming in at around $10,000.
  • 84% of ransomware victims reported revenue loss. The deepest impact is on sectors such as education (94%) and construction (93%).

Frequency of attacks

Malware attacks are an ever-present fact of life, and they are becoming more prevalent. 

  • A ransomware attack strikes a business every 11 seconds on average (This equates to about four per minute globally.).
  • 39% of companies faced general malware attacks in the past year.

Secondary damage

  • 40% of malware attacks result in data theft or sensitive information leaks.
  • Over 1 million identity theft incidents were reported in the United States alone in 2023.

Recovery and downtime

  • It takes approximately 277 days on average to identify a breach and contain it.
  • For smaller companies, the average cost of recovery from a ransomware attack is $165,000.

Malware by platform

Not all platforms experience the same level of malware attacks. The Windows operating system (OS) and Android devices seem to be particularly prone to attack. 

Windows

  • Approximately 83% of all new malware is aimed at the Windows OS, making it the dominant target. 

Mobile

  • Android is the main target for attackers focused on mobile malware, attracting between 95& and 98% of mobile malware.
  • Threats to Apple’s iOS are on the rise, particularly phishing and profile-based attacks.

IoT devices

  • The Internet of Things (IoT) is becoming more vulnerable; ~75% of infected devices are routers.
  • In the first half of 2023 alone, some 1.5 billion IoT breaches were reported.

Email and web as vectors

  • Email accounts for 92% of malware delivery. This is done mainly via phishing.
  • However, web-based malware (also known as browser-based malware) is starting to become more significant.

How to prevent malware

As we have seen, malware is now an ever-present threat, but there are steps you can take to prevent or at least minimize it.

  1. Make sure your computer and software are up-to-date.
  2. Don’t use an administrator account unless you have to.
  3. Don’t click suspicious links or download anything you’re not sure about.
  4. Think twice before opening email attachments or images.
  5. Avoid pop-up windows that request you download software.
  6. Keep file-sharing to a minimum.
  7. Install antivirus software.

Key takeaways

Malware threats are on the rise once again, and the attacks are becoming more sophisticated and targeted. The financial costs of these attacks are also growing dramatically and affecting businesses worldwide. Avoid becoming a malware victim by remaining vigilant across all platforms, especially Windows, Android, and IoT.

Sources

Solve your infrastructure challenges

Spacelift is a flexible orchestration solution for IaC development. It delivers enhanced collaboration, automation, and controls to simplify and accelerate the provisioning of cloud-based infrastructures.

Learn more

Thu, May 15, 2025 @ 11:00am EDT

The First Community-Driven
IaC Conference

Register now