Over 100 million Windows-targeted malware developed in 2021 alone
According to data analyzed and presented by Atlas VPN, 2021 marks a record year for the development of new Windows malware. Even though 2021 has another month to go, cybercriminals have already developed a whopping 107.28 million unique threats targeted at Windows devices.
Malware, or malicious software, is a collective term for all kinds of threats. Microsoft separates malware into thirteen distinct categories: backdoors, downloaders, droppers, exploits, hack tools, macro viruses, obfuscators, password stealers, ransomware, rogue security software, trojans, trojan clickers, and worms. In the report, Windows malware encompasses all thirteen categories.
The data for the analysis was provided by AV-TEST GmbH, an independent research institute for IT security. The figures were last updated on November 23, 2021.
Interestingly, the creation of new malware types targeted towards Windows OS devices has been growing steadily since 2012. On average, the quantity of new malicious software samples grows by 9.5 million or 23% YoY.
This year so far, we see 107.28 million new threats for Windows OS, representing a 16.53 million or 18% increase over 2020.
In other words, cybercriminals employed more of their resources towards Windows OS than ever before. To put things in perspective, threat actors developed around 328 thousand malware samples daily in 2021.
How does this translate into the real world? Well, whenever you see news concerning a data breach or other major cyber-incident, you can nearly guarantee that malware was involved.
There are many different pathways threat actors take to infect devices within an enterprise. Malware is hidden in more places than one can imagine, whether it is a spear-phishing attempt or a file downloaded from a website set up by scammers.
Of course, most attacks are halted by either built-in or third-party security systems, like firewalls, antiviruses, and other threat protection software.
Yet, hackers are constantly creating new types of viruses to overcome these security measures.
Cybercriminals work together to reduce costs
The fact that malicious software is easier to develop than ever before contributes to this unprecedented increase in risks.
Hackers no longer require advanced programming abilities because they can buy ready-made malware code, customize it to their needs with a little coding, and create an entirely new malware type.
Moreover, the wide availability of hackers-for-hire made prices ridiculously cheap. For example, one of our earlier analyses uncovered that hiring attacks on the dark web cost as little as $250 per attack.
Similarly, the cost of a spear-phishing attack might range from $100 to $1,000. Spearphishing differs from other phishing attempts in that it is directed at a specific target, whether it is an organization or a person. Targeted attacks have a much higher success rate than those sent out in bulk.
In short, a malicious person with a relatively small budget can cause severe issues to an organization's security.
For our readers - whenever you encounter an OS update that includes security patches, be sure to install it as soon as possible. You might notice that nearly every patch has a security update.
Why is that? Precisely because hackers are working day and night to find cracks within the operating system. Developers have to keep up with the latest malware types and patch them within days of discovering them.
Windows OS was always targeted much more often than macOS. The analysis only confirms the fact, which should remind Windows OS users to stay on their toes when browsing the web or downloading email attachments. You can’t be sure that the latest patch was enough to protect you against the new wave of malware threats.
Cybersecurity Researcher and Publisher at Atlas VPN. My mission is to scan the ever-evolving cybercrime landscape to inform the public about the latest threats.