Thursday, December 5, 2024
HomeMalwareFive new malware programs are discovered every second

Five new malware programs are discovered every second

Published on

SIEM as a Service

A new report from the respected independent testing agency AV-Test.org reveals some scary-sounding facts about the state of malware today.

According to AV-Test.org, it has 578,702,687 malware samples in its testing database – with over 115 million discovered so far during 2016 alone.

That translates to 4-5 new malware samples every second of every day.

- Advertisement - SIEM as a Service

That doesn’t mean, of course, that your business is likely to encounter each and every one of those malware samples.  Indeed, the vast majority of it will probably never trouble you.

But no-one knows which malware might hit your company next, and so the only sensible approach is to protect against all of it.

Old-fashioned Windows viruses – which replicate – had been thought to be in decline, in favour of Windows-based Trojan horses (which don’t replicate).

windows-malware

However, when comparing first two quarters of 2016 to 2015, AV-Test.org has found that almost half of all new Windows malware (49.2%) can be classified as a “virus” as opposed to 30% in 2015.

Also on the rise is Android-based malware, with AV-Test.org reporting that they have now seen over 16.5 million different samples targeting the smartphone operating system.

Curiously, according to AV-Test.org, a resurgence is being seen in at least one area of malware that had previously thought to have been dwindling.

2

iOS’s malware threat, by comparison, is described as “negligible.”

The report warns that criminals are “massively expanding their activity” when it comes to Android, suggesting that attackers are finding it an increasingly effective way to earn income.

The criminals aren’t creating new strains of malware for fun.  They, just like you, are running a business.  They want their attack to infect corporate networks to steal information, to open backdoors, to hijack systems because that’s how they make their money.

Your job is to do a decent job of defending your users, your customers’ data, your business’s intellectual property, your infrastructure from malware attack.

There’s no such thing as a 100% fool-proof defence, but if you can harden your systems enough there is a chance that even a determined hacker will choose to find a softer target instead.

The good news is that security software is getting better all the time, and more and more businesses are protected proactively against threats – limiting the opportunities for an attack to succeed.

And that, of course, is where AV-Test.org comes in – they are independent experts in evaluating the quality of computer security products – putting them through their paces to determine which vendors are doing a good job, and who has dropped the ball.

When choosing an anti-virus solution for your business, look for a complete solution which has a long track record of performing well in independent comparative tests.

Because the malware attacks aren’t going to stop anytime soon.

The full report can be downloaded from the AV-Test.org website (PDF).

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

HCL DevOps Deploy / Launch Vulnerability Let Embed arbitrary HTML tags

Recently identified by security researchers, a new vulnerability in HCL DevOps Deploy and HCL...

CISA Warns of Zyxel Firewalls, CyberPanel, North Grid, & ProjectSend Flaws Exploited in Wild

The Cybersecurity and Infrastructure Security Agency (CISA) has issued warnings about several vulnerabilities being...

HackSynth : Autonomous Pentesting Framework For Simulating Cyberattacks

HackSynth is an autonomous penetration testing agent that leverages Large Language Models (LLMs) to...

Fuji Electric Indonesia Hit by Ransomware Attack

Fuji Electric Indonesia has fallen victim to a ransomware attack, impacting its operations and...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

Weaponized Word Documents Attacking Windows Users to Deliver NetSupport & BurnsRAT

The threat actors distributed malicious JS scripts disguised as legitimate business documents, primarily in...

PEFT-As-An-Attack, Jailbreaking Language Models For Malicious Prompts

Federated Parameter-Efficient Fine-Tuning (FedPEFT) is a technique that combines parameter-efficient fine-tuning (PEFT) with federated...

Hackers Cloning Websites, Exploiting RCE Flaws To Gain Access To Shopping Platforms

Cybercriminals are leveraging AI-powered phishing attacks, website cloning tools, and RCE exploits to target...