The AV-TEST Security Report 2017/2018: The latest Analysis of the IT Threat Scenario

Ransomware versus crypto miners

Aside from purely quantitative aspects, a look back on the past year compared to the 1st quarter of 2018 offers additional interesting insights into the economic trend of the "criminal IT industry". This is signaled by the proliferation statistics of ransomware, which dropped significantly in the 1st quarter of 2018. Whereas the quantity of new ransomware samples in 2017 tripled with 61,239 variants compared to the previous year (20,413 variants), these blackmailer Trojans have been in retreat in the 1st quarter of 2018. As an income source, however, ransomware remains lucrative for criminals. Apparently, the cybercrime industry has also been able to open up new business models, earning higher profits while at the same time reducing costs.

This involves crypto mining malware, i.e. malware code, that shovels digital profits immediately and directly into anonymous online accounts of cybercriminals, minimizing any lost profits – e.g. otherwise occurring due to victims' unwillingness to pay, the restriction to certain operating systems and types of devices, as well as administrative overhead. Thus, it should come as no surprise that there is explosive growth in the number of malware programs secretly abusing the performance of infected devices to calculate digital currencies.

Windows: the No. 1 target

Anyone seeking to efficiently plan and implement large-scale malware attacks is well advised to plant their malware samples in the vulnerabilities of the world's most widely distributed software ecosystem. This consistently makes the operating system from Redmond the most heavily-attacked software platform. In 2017, over 67 percent of all malware attacks were aimed at Windows systems. Compared to the previous year, however, the overall number of newly developed Windows malware samples has declined by just under 3 percentage points, which is a relief, on paper.

Android protection remains critical

Conversely, the intensity of attacks on Google's mobile platform continued to increase: 6.5% of all malware in 2017 targeted Android devices. Compared to the previous year, an increase of 0.88 percentage points. What sounds marginal has a devastating effect in reality, as up to now, only few mobile devices under Android provide a security app, much less deploy effective virus protection. At the same time, one out of three Android devices used worldwide is running on an out-of-date version of the operating system (Version 1.1 to 5.1.1) for which no more security updates are available. No more than 5.2% of all Android users are running the current Android-Version 8 aka "Oreo" version equipped with security updates!

Fivefold increase in macOS malware

In last year's Security Report, the AV-TEST Institute's measurement systems recorded a dramatic increase in malware figures for macOS of 370 percent over the previous year. This trend also continued unabated in 2017. While a total of 6,959 newly programmed malware samples targeted Apple computers in 2016, this figure increased fivefold to 37,030 new malware samples last year. In total, the volume of malware developed for macOS has been increasing steadily for ten years now.

IoT malware: a battle for the market of the future

Even if cautious forecasts by market research firms come true, over 830 million wearables and 20.8 billion networked devices will be deployed around the globe by the year 2020. These are numbers that thrill not only companies but also cybercriminals. This creates a volatile cocktail: On one side, there are product manufacturers without expertise in IT security, who always want to quickly launch their products onto the booming market. On the other side, the cybermafia, with a vast arsenal of already functioning and tested malware programs, is ready to ambush the masses of devices and online services offering them ample vulnerabilities for the proliferation of malicious codes. To that extent, one market is driving the other. The consumers are bearing the risk and footing the bill.

Download the complete report for free

Additional information and detailed metrics on the proliferation of malware and other malicious applications are provided in the comprehensive Security Report by the AV-TEST Institute. You can download the report here free of charge.

DOWNLOAD SECURITY REPORT 2017/18

Regular tests of smart home products and information on IoT devices with certified security can be found in our IoT Security Blog.

Would you like to know which protection program and which security app offers the best possible protection for your devices? AV-TEST offers you information on detection rates, usability and performance of all known security solutions, also free of charge. You can look up the results of the tests carried out monthly.

If you would like to regularly keep up to date on information from our institute concerning all aspects surrounding the topic of IT security, such as tests on smart-home products, wearables, fitness trackers or health apps and parental control applications, you can receive prompt and current information via our monthly security newsletter.