Skip to main content
  2. Research
  3. Internet Security
  4. Cybercrime Statistics

Cybercrime Statistics 2022

This report tracks the latest cybercrime trends in 2022, including a massive surge in lucrative hacks of NFT platforms and the rise of cryptojacking. Malware that targets IoT devices is also now twice as prevalent than it was last year.

Simon Migliano
Simon Migliano

Simon Migliano is a recognized world expert in VPNs. He's tested hundreds of VPN services and his research has featured on the BBC, The New York Times and more. Read full bio

Cybercrime Statistics Report: thumbnail image showing Bored Ape Yacht Club NFT illustration
  • NFT crime: financial losses already 667% higher in 2022 than over all of 2021.
    • More than twice as many NFT hacks in 2022 to date than whole of 2021.
  • Cryptojacking is up 86% in 2022 compared to the monthly average in 2021
    • North America is increasingly a target, accounting for 91% of all known incidents in 2022, up from 82% in 2021.
  • IoT malware up 95% in 2022 compared to the monthly average in 2021
    • North America is experiencing the greatest growth of this type of threat, up 151% vs 2021.
  • Malware up 16% overall in 2022 compared to last year
    • Asia-Pacific has had the greatest growth of this type of threat, up 48% vs 2021
  • Intrusions up 14% in 2022 compared to monthly average in 2021, when there were 5.2 trillion intrusions in total over the course of the year.

Cybercrime Statistics Overview

The most notable cybersecurity trends naturally involve emerging technologies as they cross over into the mainstream. In 2022, several blockchain-based technologies have reached the point where their popularity far exceeds the general level of understanding of associated cybersecurity threats and potential vectors of attack.

While the concept of non-fungible tokens (NFTs) dates back to 2014[1], the market for NFTs has exploded in popularity in a very short time, attracting financial speculators flush with cryptocurrency. Platforms such as OpenSea and Binance have sprung up to facilitate the lucrative trade in NFTs.

With individual NFTs often changing hands for a million dollars or more, and sometimes much more than that,[2] it’s inevitable that the NFT ecosystem would become a target for hackers.

We found that while hacks on NFT platforms may have started small in early 2021, targeting individual users for a few tens of thousands of dollars, less than a year later, cybercriminals are now regularly making off with millions of dollars worth of cryptocurrency.

In the first four months of 2022 alone, NFT hacks have led to losses of almost $52 million compared with less than $7 million over the whole of 2021.

Our findings are based on an analysis of data from Slowmist,[3] which monitors blockchain security issues.

Cryptocurrency itself, another highly lucrative blockchain-based tech, is at the heart of another big cybersecurity trend in 2022. Cryptojacking is the unauthorized use of victims’ devices to mine for cryptocurrency, typically after infection with malware.

Our research found cryptojacking to be the fastest growing form of malware in 2022, no doubt thanks to a cryptocurrency market whose total value was over $2 trillion at the time of writing.[4]

The average monthly incidence of cryptojacking in 2022 to date is 86% higher than it was in 2021, with the bulk of detections taking place in the North American region.

Our analysis, which draws on threat intelligence data captured by firewall vendor SonicWall,[5] shows that the growth of cryptojacking far outstripped the general trend for malware, which is so far up 16% in 2022.

Only malware specifically targeting IoT devices, ie “smart” devices such as network-connected appliances and sensors, has seen anything like the same rate of growth this year.

Why did we conduct this research? Our goal is to educate the public about emerging trends in cybercrime so that they can protect themselves appropriately, ideally using a combination of two-factor authentication, a VPN (Virtual Private Network), password managers and cybersecurity software, such as Malwarebytes.

NFT Hacking Statistics

The chart below shows the number of known hacks on the NFT ecosystem since the beginning of 2021. After only a single “hack” in the first half of 2021, which was reportedly due to individual users failing to enable multi-factor authentication rather than security issues on the Nifty Gateway platform,[6] there have been almost 40 more incidents since then.

Number of NFT platform hacks per month 2021/22

Number of NFT platform hacks per month 2021/22

The following table shows the reported losses incurred in NFT ecosystem hacks since 2021 where the value has been disclosed. Entries are ordered by size of financial loss, greatest to least.

The table only contains hacks that resulted in a known financial loss. Download the full list of NFT hacks, which includes incidents where there was no loss recorded or confirmed.

Not only have there been more frequent NFT thefts in 2022 but they have become increasingly lucrative. The biggest individual heists have been since the start of 2022.

Sports NFT platform Lympo suffered the worst loss that we identified when it experienced a hot wallet security breach and lost tokens worth $18.7 million in January 2022.[7]

Dego Finance, an NFT and DeFi (decentralized finance) aggregator, was hit by a $10 million hack in February 2022.[8]

The platform’s own address providing liquidity on popular decentralized exchanges Uniswap and PancakeSwap was allegedly compromised and exhausted.[9]

NFT project Bored Bunny, which was promoted by various celebrities, is suspected as being set up as a “rug pull” scam that led to 2,000 ETH ($6.8 million) of raised funds being transferred out.[10]

OpenSea is considered to be the world’s leading NFT marketplace. Losses to date have exceeded $2.5 million over two hacks. The worst was in February 2022 when an attacker took advantage of news of a contract migration issue on the platform to launch a phishing attack that drained OpenSea users of their NFTs. The scam netted ETH worth $1.7 million, according to OpenSea co-founder Devin Finzer.[11]

Bored Ape Yacht Club, one of the most well-known NFT projects, was hacked in April 2022 when its official Instagram account was compromised and used to send a phishing message. The stolen NFTs as a result of this were reportedly worth $3 million.[12]

NFT Attack Types

The following table shows the methods use to attack the NFT ecosystem, typically resulting in the theft of tokens or cryptocurrency, since the start of 2021.

It’s notable that while the NFT ecosystem may still be very green, the most popular types of attack are as old as the hills. Basic scams, such as rug pulls, are the most common way for cybercriminals to drains funds from gullible investors hoping to strike it rich with the next big thing in NFTs.

Even the trend for using the Discord servers of individual NFT projects as an attack vector is still ultimately just another means of phishing.

It’s possible that NFT investors are wising up however, as scams account currently account for 21% of all NFT hacks in 2022 compared to 36% in 2021. This could change however over the year to come.

No platform vulnerabilities were successfully exploited until 2022 but now account for 17% of attacks this year.

Cryptojacking Statistics

The following chart shows the number of cryptojacking incidents worldwide by month since the start of 2021. The average number of cryptojacking incidents in 2022 stands at 15.02 million per month compared to 8.09 million per month over 2021, an increase of 86%.

Cryptojacking incidents worldwide by month

Cryptojacking incidents worldwide by month

The table below shows the number of incidents of cryptojacking by month from the start of 2021 by region. All data points are in millions.

Entailing the unauthorized use of victims’ devices to secretly mine cryptocurrency, cryptojacking may seem to be one of the less damaging forms of malware.

While to some extent this is true, there remain some key concerns arising from the growth in cryptojacking:

  1. The generation of cryptocurrency, especially the hard-to-trace Monero coins, is extremely lucrative and can be used to fund other crimes.
  2. Cryptojacking is most effective when distributed across a network, which makes enterprise a popular target. An undetected cryptojacking infection demonstrates poor security to hackers, who can then further exploit that with more directly-damaging malware, such as trojans.
  3. Infection with cryptojacking malware degrades a device’s performance and can also lead to unexpected increased electricity costs.

IoT Malware Statistics

The following chart shows the the number of incidences of malware relating to IoT devices detected around the world, by month from the beginning of 2021 to date. The average number of such incidents in 2022 stands at 9.5 million per month compared to 4.9 million over 2021, an increase of 95%.

IoT Malware detections by month (millions)

IoT Malware detections by month (millions).

The table below shows the number of incidents of IoT malware by month from the start of 2021 by region. All data points are in millions.

Malware that specifically targets IoT devices is the fastest growing type of malware so far this year. While it may be a relatively small slice of total malware, it represents a vast number of permutations of device and type of attack.

IoT devices have proliferated and range from consumer items, such as smart home devices and wearables, to retail uses, such as barcode readers and payment terminals, and industrial applications, such as sensors, drones and smart robotics. Many newer model cars also contain IoT components. Other key sectors that increasingly rely on IoT devices are healthcare and education.

All of these devices and sectors are being increasingly impacted by malware, particularly in North America. The region experienced over 60% of all such attacks in March 2022. In comparison, it accounted for just 24% of global attacks in March 2021.

Malware Statistics

The following chart shows the total number of malware incidents detected worldwide by month since the start of 2021. The average number of such incidents in 2022 stands at 534.2 million per month compared to 458.8 million over 2021, an increase of 16%.

Malware detections by month (millions

Total Malware detections globally by month (millions).

The table below shows the number of incidents of malware by month from the start of 2021 by region. All data points are in millions.

Total malware is increasing more modestly than its niches, however there are still over 75 million more attacks each month in 2022 around the world than there were in 2021.

Some of the key types of malware include:

  • Viruses
  • Trojans
  • Worms
  • Botnets
  • Adware
  • Spyware
  • Ransomware
  • Keyloggers
  • Fileless malware

Intrusions Statistics

The following chart shows the number of malicious intrusion attempts worldwide by month since the start of 2021. The average number of such intrusions in 2022 stands at 489.2 billion per month compared to 430.7 billion over 2021, an increase of 14%.

Intrusion detections globally 2021/22 (billions)

Malicious intrusion attempts detected globally 2021/22 (billions).

The table below shows the number of malicious intrusion attempts by month from the start of 2021 by region. All data points are in billions.

Malicious intrusion attempts involve hackers trying to gain access to a network or device by exploiting a vulnerability. Attackers typically take advantage of unpatched systems to gain entry or, more rarely, exploit zero-day vulnerabilities. Once inside, hackers will look to quickly exfiltrate as much data – or cause as much damage – as they can before withdrawing.

While growth in this kind of activity is broadly consistent around the world, the North American region has experienced the biggest increase with a 16% increase in the average number of monthly intrusions in 2022 compared to last year. The region accounts for two-thirds of all malicious intrusion attempts.

Methodology

NFT crime data was sourced from slowmist.io monitoring tools[13] and independently verified before analysis. Cryptocurrency amounts were converted into USD based on historical conversion rate at the time of the hack.

Malware statistics were sourced for analysis from SonicWall Capture Labs threat indicator dashboards.[14]

The authors of all our investigations abide by the journalists’ code of conduct.

References

[1] https://news.artnet.com/market/sothebys-is-hosting-its-first-curated-nft-sale-featuring-the-very-first-nft-ever-minted-1966003

[2] https://nftnow.com/features/most-expensive-nft-sales/

[3] https://slowmist.io/en/

[4] https://www.statista.com/statistics/730876/cryptocurrency-maket-value/

[5] https://www.sonicwall.com/

[6] https://www.theverge.com/2021/3/15/22331818/nifty-gateway-hack-steal-nfts-credit-card

[7] https://cointelegraph.com/news/animoca-brands-lympo-nft-platform-hacked-for-18-7-million

[8] https://twitter.com/PeckShieldAlert/status/1491659696465276931

[9] https://twitter.com/dego_finance/status/1491633269330173956

[10] https://cryptoslate.com/investors-lose-20-7-million-in-bored-bunny-nft-promoted-by-multiple-celebrities/

[11] https://www.theverge.com/2022/2/20/22943228/opensea-phishing-hack-smart-contract-bug-stolen-nft/

[12] https://www.theguardian.com/technology/2022/apr/26/bored-ape-yacht-club-nft-hack-theft-art-simian-oblivion

[13] https://www.slowmist.io/en/

[14] https://www.sonicwall.com/