Europol recently ranked ransomware as "the most prominent malware threat", but by another measure it's a fringe danger.
Despite the chaos caused by the recent WannaCry and NotPetya outbreaks, these file-encrypting extortion programs are part of a class of malware that made up less than one percent of 600 million unique malicious programs for Windows in 2016, according to antivirus testing group AV-Test.
AV-Test argues that 2016 was wrongly named the "year of ransomware" but it did earn the title due to the damage it caused and its mode of action, which can be highly targeted at organizations or spread indiscriminately.
However, it does note that the fourth most widespread malware family in 2016 was the file-encrypting Virlock ransomware. And as Microsoft notes in a recent report, half a billion emails with ransomware downloaders are sent to Windows systems every quarter.
Banking trojans' share of 2.74 percent of all malware also doesn't capture the damage this malware caused, for example, through attacks on the SWIFT banking network.
Overall, there was a 15 percent decline in new malware developed for Windows in 2016 compared with 2015, suggesting a slowdown in new threats. Windows malware accounts for 70 percent of all malware of the 640 million samples AV-Test counts. Android malware makes up 5.6 percent.
Threats to Linux systems, such as the Mirai botnet malware, increased 300 percent in 2016, while malware for macOS rose 370 percent, from 819 different malware threats to 3,033. Most of these threats to macOS are considered "potentially unwanted software"
The number of new malicious apps for Android in 2016 reached four million, or double the figure for 2015. Most of these threats are trojanized apps.
Ransomware for Android remained a minor threat at 0.22 percent of all Android malware totaling 8,822, down from 12,521 last year.