270 million malware attacks registered in the first quarter of 2020

Malware is dangerous as it can disrupt, disable, or take control of the users’ computer systems. Malware has evolved over the years and comes with different functionality depending on the goals of the cybercriminal.

According to Atlas VPN investigation, hackers attacked desktop users over 269.97 million times in 2020 Q1.

Our data analysts compiled data from 3 major security companies—WatchGuard, Quick Heal, and Seqrite to get a clear look at the number of malware cyber-attacks in the first quarter of 2020.

Malware is divided into many types, such as ransomware, worm infections, cryptojacking, and many more. The graph below displays the top six malware types. All other malware types or malware that was not specified are combined into the “Other/Unspecified” category.

Other or unspecified malware amounted to most detections, exceeding 173 million or 64.11% of the total.

Infector is the second on the list with 28.78 million detections or 10.66% of the total number of malicious files found in 2020 Q1. The infector virus attaches itself to executable software and then spreads itself to other programs or networks that utilize the same infected software.

Worm malware is the third on the list and was caught 25.31 million times and comprises 9.38% of the total.

Worm malware spreads copies of itself to other computers without the help of users or other programs. A computer worm can damage users in the form of stolen data, overloading a shared network, or even taking control of a computer.

Adware is fourth on the list, and it had 19.4 million detections or 7.19% of the total. Adware is malicious software that bombards users with advertisements.

Exploit is fifth on the list, with 17.65 million detections or 6.54% of the total.

Exploits are a first step to intrude into a computer by taking advantage of a particular vulnerability in the system. After the initial intrusion, the exploit allows hackers to install various other malware onto the computer.

Cryptojacking is sixth on the list, with 4.89 million detections or 1.81% of the total.

Cryptojacking is also known as malicious crypto mining and is a relatively new type of malware. This malware uses the victims’ devices’ resources to mine cryptocurrencies.

The last on the list is ransomware with 850 thousand infections or 0.31% of the total.

Ransomware allows hackers to steal and encrypts the victims’ data. Cybercriminals demand a ransom payment to restore access to the files. If the victim does not pay the ransom, the hackers might choose to sell the data on the dark web.

Hackers were the most active during the first month of the quarter, with 87.14 million attacks in January. There was 84.33 million attacks in February and significantly less in March - 67.18 million threats.

Security companies from which Atlas VPN gathered the data did not provide a specific timeline for 31.2 million of the attacks.

Network scans detect most malware

Antivirus software and firewalls offer a variety of scans. The most common ones are network, real-time, web security, on-demand, behavioral, email, and memory scans.

It turns out that a network scan detected over 37% of malware in the first quarter of 2020. In other words, the network scan caught over 100 million malicious programs. A network scan inspects network traffic to detect and block cyber attacks.

A real-time scan caught 22% or over 59 million malicious programs. Real-time scan analyzes files and programs every time they are executed, opened, copied, or modified in any way.

Web Security scan detected 15% or over 40 million malicious attacks. Web Security scan evaluates websites and blocks them if they are potentially dangerous.

On-demand scan caught 13% or more than 35 million malware attacks. An on-demand scan allows users to manually scan inactive files or programs in a specified area on the computer.

A behavioral scan found 11% or over 29 million malware files. Behavioral scan finds and blocks new and unknown threats based on the behavior of the program.

Email scans detected 1% or more than 2 million malicious programs. Email scan analyzes incoming emails and blocks them if they carry malicious attachments or links.

A memory scan also caught 1% of malware. A memory scan analyzes memory to detect active malicious programs and cleans it.

It is safe to assume that threat actors became more active in the first quarter of 2020 due to the COVID-19 pandemic. Many people started working from home, which created opportunities for hackers to infect unsecured networks. We can expect similar or even higher numbers in the second quarter of 2020.


John C.

John C.


Tags: malware