5 million new malware variants detected throughout 2019

As tech and security companies move forward in protecting their users against malware, cybercriminal groups also manage to develop new malware variants, which appear with a frightening frequency, as mentioned by cybersecurity specialists. In the middle of this race are users, who sometimes suffer the consequences of the sophistication of threat actors.

According to figures released by security firms and antivirus developers, more than 4.9 million malware samples were detected throughout 2019, including variants created to steal login credentials, intercept communications, or encrypt data and even entire systems.

In total, 13,500 different malware families were detected in 2019. Within the nearly 5 million samples of malicious developments, the most active proved to be the GandCrab ransomware, which features nearly 410,000 unique versions, meaning that, on average, 1,100 different versions of this encryption malware appeared each day last year, cybersecurity experts reported. It should be noted that, towards the end of 2019, the creators of the original version of GandCrab announced that they would stop supporting and updating the ransomware source code, although external actors keep developing new GandCrab variants.

GandCrab ransomware

The dishonorable second and third place on this list are occupied respectively by njRAT and BlackShades, both malicious developments belonging to the family of Remote Access Trojans (RATs), a variant of malware used by cybercriminals to take control of the target systems with administrative privileges. In total, 208,000 different versions of njRAT were detected, while BlackShades has at least 193,000 different versions, which equates to an average of 200 new Trojan versions each day of the year.

Another frequent actor in the annual reports on cybercriminal activity is the malware family known as Emotet, which has nearly 80,000 different versions detected to date.

Based on data collected by cybersecurity firms, a notable trend in 2019 was the increase in infection reports by remote access Trojans, a clear indicator that hackers are targeting the development of increasingly sophisticated ways to take control of a target system without the need for user interaction. Another variant of Trojans very active during 2019 focuses on the theft of bank details of victims.