Wednesday, December 25, 2024
HomeMalwareFive new malware programs are discovered every second

Five new malware programs are discovered every second

Published on

SIEM as a Service

A new report from the respected independent testing agency AV-Test.org reveals some scary-sounding facts about the state of malware today.

According to AV-Test.org, it has 578,702,687 malware samples in its testing database – with over 115 million discovered so far during 2016 alone.

That translates to 4-5 new malware samples every second of every day.

- Advertisement - SIEM as a Service

That doesn’t mean, of course, that your business is likely to encounter each and every one of those malware samples.  Indeed, the vast majority of it will probably never trouble you.

But no-one knows which malware might hit your company next, and so the only sensible approach is to protect against all of it.

Old-fashioned Windows viruses – which replicate – had been thought to be in decline, in favour of Windows-based Trojan horses (which don’t replicate).

windows-malware

However, when comparing first two quarters of 2016 to 2015, AV-Test.org has found that almost half of all new Windows malware (49.2%) can be classified as a “virus” as opposed to 30% in 2015.

Also on the rise is Android-based malware, with AV-Test.org reporting that they have now seen over 16.5 million different samples targeting the smartphone operating system.

Curiously, according to AV-Test.org, a resurgence is being seen in at least one area of malware that had previously thought to have been dwindling.

2

iOS’s malware threat, by comparison, is described as “negligible.”

The report warns that criminals are “massively expanding their activity” when it comes to Android, suggesting that attackers are finding it an increasingly effective way to earn income.

The criminals aren’t creating new strains of malware for fun.  They, just like you, are running a business.  They want their attack to infect corporate networks to steal information, to open backdoors, to hijack systems because that’s how they make their money.

Your job is to do a decent job of defending your users, your customers’ data, your business’s intellectual property, your infrastructure from malware attack.

There’s no such thing as a 100% fool-proof defence, but if you can harden your systems enough there is a chance that even a determined hacker will choose to find a softer target instead.

The good news is that security software is getting better all the time, and more and more businesses are protected proactively against threats – limiting the opportunities for an attack to succeed.

And that, of course, is where AV-Test.org comes in – they are independent experts in evaluating the quality of computer security products – putting them through their paces to determine which vendors are doing a good job, and who has dropped the ball.

When choosing an anti-virus solution for your business, look for a complete solution which has a long track record of performing well in independent comparative tests.

Because the malware attacks aren’t going to stop anytime soon.

The full report can be downloaded from the AV-Test.org website (PDF).

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

IBM AIX TCP/IP Vulnerability Lets Attackers Exploit to Launch Denial of Service Attack

IBM has issued a security bulletin warning of two vulnerabilities in its AIX operating...

Apache Auth-Bypass Vulnerability Lets Attackers Gain Control Over HugeGraph-Server

The Apache Software Foundation has issued a security alert regarding a critical vulnerability...

USA Launched Cyber Attack on Chinese Technology Firms

The Chinese National Internet Emergency Center (CNIE) has revealed two significant cases of cyber...

Node.js systeminformation Package Vulnerability Exposes Millions of Systems to RCE Attacks

A critical command injection vulnerability in the popular systeminformation npm package has recently been disclosed, exposing...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

Skuld Malware Using Weaponized Windows Utilities Packages To Deliver Malware

Researchers discovered a malware campaign targeting the npm ecosystem, distributing the Skuld info stealer...

BellaCiao, A new .NET Malware With Advanced Sophisticated Techniques

An investigation revealed an intrusion in Asia involving the BellaCiao .NET malware, as the...

Lazarus Hackers Using New VNC Based Malware To Attack Organizations Worldwide

The Lazarus Group has recently employed a sophisticated attack, dubbed "Operation DreamJob," to target...