A study performed by the Institutes for Application Security and System Security at Technische UniversitÃt Braunschweig in Germany looked at the Alexa top 1 million websites list in order to find how many of them run Webassembly code and of what nature. Of the nearly 1 million websites searched, the study found that 1,950 modules of Webassembly were being run across 1,639 websites. The study went further, investigating just how many of these modules were being used for malicious intent, and of what nature. The results of this analysis found that 55.8% of the webassembly modules being used across these sites were malicious, with 55.6% of it being cryptocurrency mining and the other .2% being obfuscation.
Source: https://it.slashdot.org/story/19/11/03/0044253/study-estimates-50-of-webassembly-sites-are-using-it-for-malicious-purposes