Skip Navigation
BlackBerry Blog

New Malware Is Born Every Minute

Most cybersecurity leaders accept the notion that cyberthreats are becoming more frequent. Now the BlackBerry Threat Research and Intelligence team offers proof of just how frequently threat actors deploy attacks using new, previously undetected malware.

From December 2022 to February 2023, CylanceENDPOINT™ security solutions by BlackBerry blocked an average of more than 1.5 brand-new malware variants every single minute of the day: This represents a 50% increase from the previous quarter.

Cyberattacks by the Numbers

The latest BlackBerry Global Threat Intelligence Report breaks down cyberattacks “by the numbers,” based on telemetry obtained by the company’s own Cylance® AI (artificial intelligence)-driven platform, enhanced with proprietary machine learning (ML) and expert analysis from the company’s world-class threat intelligence analysts, and complemented by additional public and private intelligence sources.

Per the report, CylanceENDPOINT security solutions by BlackBerry detected and stopped a total of 1,578,733 malware-based cyberattacks recorded in the time period analyzed in the report. The authors also report that during the three-month period:

  • Threat actors deployed, on average, approximately 17,738 malicious samples per day — or 12 attacks every minute — against customers protected by BlackBerry® technologies. 
  • These threats included 200,454 unique malware samples that differ from previously seen threats: This translates to an average of approximately 2,252 novel malware samples deployed per day — or roughly 1.5 new samples per minute.

These numbers prove that cyberthreat actors are relentless and have stepped up their attacks by frequently altering their code to circumvent typical or legacy antivirus solutions that rely on obsolete signature-based detection methods. Fortunately, AI-based security such as CylanceENDPOINT remains more than 98% effective.

New Malware Variants by Country

The top five countries where threat actors most frequently used new malware variants against BlackBerry customers are:

  1. United States (55% of unique attacks detected)
  2. Japan (9%)
  3. Canada (9%)
  4. Brazil (5%)
  5. Mexico (5%)
Image — Top ten countries where unique malicious samples were used in cyberattacks against BlackBerry-protected devices. (Source: BlackBerry Global Threat Intelligence Report).

Why Are New Malware Variants Increasing?

There are a number of reasons why new malware variants are increasing, but cybercrime “as a service” is a primary one. This is because these malware-as-a-service offerings allow non-technical threat actors to lease various cybercrime infrastructures to launch — and even customize — attacks.

Another possible explanation is that a growing number of cybercriminals may be abusing AI chatbots, such as ChatGPT powered by OpenAI.

As the BlackBerry report notes, only one month after ChatGPT was released worldwide in November 2022, “The first reports of cyber criminals testing and discussing its potential for use in fraud and creating basic malware strains began in December 2022. In January 2023, researchers demonstrated that ChatGPT could help write complex malicious code with polymorphic capabilities.

“As AI-powered bots like ChatGPT become more advanced and more common, their capabilities will inevitably be abused for malicious purposes. Defending against these growing threats requires prevention and detection capabilities, as well as effective threat intelligence.”

Malware Attacks in Greater Context

At BlackBerry, we recognize that in today’s world, security leaders must expand their focus beyond technologies and their vulnerabilities. To effectively manage risk, these leaders must continually analyze the global threat landscape to make informed business decisions that enhance their organization’s security posture. Similarly, business leaders require awareness of how security, risk exposure, and cyber defense strategy can affect their business operations.

By leveraging BlackBerry’s Quarterly Global Threat Intelligence Report and subscribing to our professional CylanceINTELLIGENCE™ cyber threat intelligence (CTI) service, both security and business leaders now have access to this useful, timely information.

For similar articles and news delivered straight to your inbox, subscribe to the BlackBerry Blog.
Bruce Sussman

About Bruce Sussman

Bruce Sussman is Senior Managing Editor at BlackBerry.