Just like the Greek myth, a Trojan horse in computing is malware that disguises itself as a legitimate program.
It can perform a variety of harmful actions, such as damaging files, stealing personal data, or allowing backdoor access.
It’s also one of the most widespread threats. Read these Trojan horse virus statistics to learn what kind of chaos they’re causing!
Contents
Shocking Trojan horse virus statistics
When this type of malware reaches its target, it can cause serious damage and financial loss.
These alarming stats will leave you clambering to turn on your antivirus:
- There were 2.75 billion Trojan infections in 2022.
- 58% of all malware attacks are from Trojans.
- 200,000 new mobile banking Trojans emerged last year.
- The Emotet Trojan costs upwards of $1 million per incident to remove.
- 30% of malware are Trojans coded with VBA, which is used by Microsoft Office software.
Trojan horse virus statistics by scale
Just how pervasive is this malware and who is the target? These stats reveal the scale of the threat.
1. 58% of all malware attacks are from Trojans.
Source: [AV-Test]
Successful cyber-attacks must begin undetected. That’s why the Trojan horse is the most popular tool.
More than half of all malware attacks worldwide are Trojans. When focusing only on Windows systems, this figure jumps to a staggering 64.31%.
2. There were 2.75 billion Trojan attacks in 2022.
Source: [SonicWall]
In total, there were 5.5 billion malware attacks in 2022, out of which 2.75 billion were Trojan horses.
This was an overall increase of 2% from 2021. The threat of malware isn’t going away anytime soon.
3. The United States ranked the highest with 2.68 billion malware attacks.
Source: [SonicWall]
The United States tops the list of countries with the most malware attacks in 2022, at 2.68 billion. This was followed by the UK with 4.329 billion, and India with 3.354 billion.
4. Mobile Trojans increased by 6.7% in 2022.
Source: [SecureList]
Although Windows has been the most popular target, mobile is now fully entrenched in malware. Trojan infections, specifically, are on the rise.
They’re the biggest mobile threat with 15.56% of the pie. This is an increase of 6.7% from 2021.
Still, overall malware installers on mobile have actually fallen from 3.46 million to 1.66 million.
Stats about different types of Trojan horse viruses
Trojan horses come in many shapes with different functions and distribution methods. These stats look at which types are the most common.
5. 30% of all malware variants are Visual Basic Application (VBA) Trojans.
Source: [Nuspire]
VBA Trojan is named after its programming language. VBA is popular in Microsoft Office applications, such as Excel, Word, and PowerPoint. That makes it difficult for security software to distinguish between legitimate code and malicious code.
30% of all malware comes in the form of VBA Trojans. It’s not surprising that Microsoft is disabling VBA Macros from the Internet by default this year.
6. Backdoor Trojans were the most common form of attack in the UK in 2022.
Source: [IBM]
Backdoor Trojans are the most common type of attack observed in the UK in 2022, comprising 18% of cases.
Basically, they create an undetected route into a victim’s computer. This allows attackers to regain access whenever they desire.
Other common Trojans include downloaders and banking types.
7. 94% of malware is distributed by email or Malspam.
Source: [Verizon]
Research suggests upwards of 94% of malware, the majority of which are Trojans, is distributed by email. This is known as Malspam.
The familiarity of Word and Excel files often leads users to trust them. Still, they can transform into carriers of malicious software.
Other common delivery methods include harmful websites, fake and pirated software, and social engineering.
8. Banking is the most targeted sector with over 200,000 new mobile banking Trojans in 2022.
Source: [Kaspersky]
Antivirus provider Kaspersky detected approximately 200,000 brand-new mobile banking Trojans. That’s double the amount found in 2021.
This shocking rate of new malware is the highest seen in the last 6 years.
9. 15% of all computers are part of a Trojan botnet.
Sources: [BitDefender, Stevanovic et al]
A botnet is a network of compromised computers forced to carry out cyber-attacks.
BitDefender says 15% of all computers connected to the internet are “zombies” in botnets. Back in 2012, research by Stevanovic et al put this as high as 40%.
Interestingly enough, cybercriminals often rely on Trojan horses for the initial infection to create a botnet.
They can be used to download and install additional malware, such as a botnet controller. This allows the attacker to remotely control the infected computer.
10. Botnets generate between 50 and 80% of all spam.
Sources: [Encyclopedia Britannica]
In turn, botnets created through Trojans then account for most email spam. The vicious cycle continues when email is their number one distribution method.
This is a clear example of how interconnected the modes of cyberattacks can be.
Stats about the most devastating individual Trojan horse viruses
Trojans have unique characteristics and can be traced back to specific networks and cybercriminal groups.
Developers usually name their malware. Or it gets named later when it becomes more widely known.
Here are some of the most infamous examples:
11. Since 2014, the Emotet Trojan is the most destructive malware in the world.
Sources: [Homeland Security, Telsy]
Emotet was first discovered in 2014 as a banking Trojan in Germany and Austria. Since then, it has become one of the most costly malware in the world according to US Homeland Security.
High-profile victims have included:
- The Canadian Department of Justice of the province of Quebec
- Government systems in Allentown Pennsylvania
- The Fürstenfeldbruck hospital in Germany
- The Berlin Court of Appeal.
12. Emotet costs upwards of $1 million per incident to remove.
Source: [MalwareBytes]
If you thought an antivirus program was expensive, consider this:
Commercial infections with Emotet cost approximately $1 million per incident to clean up.
An example of this was the attack on the City of Allentown, PA.
Once it infects a victim, it goes through their email contacts and sends out spam with dangerous links and attachments. The messages look like legit emails from the previous victim.
A single million-dollar incident can then quickly spiral out of control.
13. Emotet attacks grew to 9,086 in March 2022 and it was still observed in 2023.
Source: [SecureList]
Despite coordinated law enforcement action by Europol and Eurojust in 2021, Emotet attacks continue. One peak month was March 2022 with 9,086 attacks compared to February’s 2,847.
A year later in March 2023, Emotet was observed again sending email spam with malicious Word files.
14. The most widespread Trojan is njRAT.
Source: [AlienVault]
Thanks to its simplicity and popularity in the Middle East, njRAT has been the most prevalent Trojan in recent years.
It is commonly delivered via drive-by downloads or phishing attacks. It also logs keystrokes and provides remote desktop access, including the victim’s webcam and microphone.
15. In 2022, 82% of banking Trojans were Emotet and njRAT.
Source: [TheCyphere]
Emotet accounted for 67% of banking Trojan infections in 2022. Basically, they snoop on the victim’s online banking activity and steal login credentials, credit card data, and other sensitive info.
Banking Trojans based on njRAT accounted for 15%, while another called Qakbot took third place with 9% of infections.
Wrap up
These Trojan horse virus statistics paint a worrying picture for everyday cybersecurity.
New variants are emerging every day on desktop and mobile. On top of that, older threats like Emotet are coming back stronger than ever.
Still, users can reduce the risk by staying vigilant against suspicious emails and taking proactive steps to protect devices.
FAQ
More than half of all malware attacks are Trojans. For example, there were 2.75 billion attacks in 2022.
The exact prevalence varies on factors such as region and industry, but they remain the most popular tool.
The most recent data suggests Trojans make up 58% of all known malware, rising to 64.31% for Windows systems.
The most common Trojan in recent years is called njRAT. Other widespread variants include Emotet, Zeus, TrickBot, and CryptoLocker. Go through our Trojan horse statistics for more fascinating facts!
Sources:
- AV-Test
- SonicWall
- SecureList
- Nuspire
- IBM
- Verizon
- Kaspersky
- BitDefender
- Stevanovic et al
- Encyclopedia Britannica
- Homeland Security
- Telsy
- MalwareBytes
- SecureList
- AlienVault
- TheCyphere