Malware on the Decline? Or Is Evasion on the Rise?

Redwood Shores, CA, (PresseBox) - PandaLabs' recent malware findings report indicates that the number of infected clients decreased in February relative to January. The data for this research was gathered from their antivirus tool. On the face of it, this is a surprising fact, as security researchers are continuously discussing an epidemic of client-side threats with a consistent increase in malware and its variants. However, looking closely at malware, we see that hackers are investing in evasion techniques to bypass security controls such as anti-virus. Moreover, because hackers are releasing new variants of client-side threats at such a rapid rate, anti-malware detection tools are faced with the nearly impossible task of keeping up to date with all new, and old, variants.

For instance, in our labs we have witnessed quite a few Trojans which were not detected by some common AVs for over a week. Other types of malware are used to sting victims very quickly, so even if an AV detects the threat, it is already too late. Take for example the re-emergence of what Imperva has dubbed the "Boy in the Browser" (BitB) Trojan. This Trojan, once executed on the victim's machine, re-routes the victim's traffic to pass through an attacker-controlled server. The BitB does this by tampering with the mechanism that maps hostnames to network addresses. Once this persistent change to the configuration file is performed, the exploit code is removed from the victim's machine. As a consequence, even if that user updated to the latest AV content the next time they switched on their computer, no AV mechanism would detect this modification, as the malware is no longer installed on the machine.
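Because the change outlives the code that made it, the place to look is the mapping file itself rather than a malware signature. The following is an added example, not code from Imperva or the report: it assumes the tampered configuration file is the operating system's hosts file (the release does not name it), and the sample contents, addresses and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample hosts file (documentation addresses and .example names).
SAMPLE_HOSTS = """\
# Constructed sample hosts file
127.0.0.1 localhost
::1 localhost ip6-localhost
0.0.0.0 ads.tracker.example  # blocklist sink
10.0.0.5 intranet.corp.example
203.0.113.45 www.bank.example login.bank.example
"""

def parse_hosts(text):
    """Yield (line_number, ip, [hostnames]) for every valid mapping line."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # drop comments
        fields = line.split()
        if len(fields) < 2:
            continue                             # blank or malformed line
        try:
            ip = ipaddress.ip_address(fields[0].split("%")[0])  # strip zone id
        except ValueError:
            continue                             # first field is not an address
        yield lineno, ip, [h.lower() for h in fields[1:]]

def audit_hosts(text, approved=()):
    """Return (line, ip, hostname) for each static mapping that points a name
    at a non-local address and is not in the approved (ip, hostname) baseline."""
    baseline = {(str(ipaddress.ip_address(ip)), h.lower()) for ip, h in approved}
    findings = []
    for lineno, ip, names in parse_hosts(text):
        if ip.is_loopback or ip.is_unspecified:
            continue  # loopback and 0.0.0.0 entries do not reach a remote server
        for name in names:
            if (str(ip), name) not in baseline:
                findings.append((lineno, str(ip), name))
    return findings

if __name__ == "__main__":
    # Assumed baseline: the one static entry the administrator deployed.
    baseline = [("10.0.0.5", "intranet.corp.example")]
    for lineno, ip, name in audit_hosts(SAMPLE_HOSTS, baseline):
        print(f"line {lineno}: {name} is pinned to {ip} and bypasses DNS")
```

Run against the real file on a schedule, any finding outside the deployed baseline is worth investigating even when an antivirus scan of the same machine comes back clean.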

We believe that although these results show a drop in malware, in reality client-side malware will just continue to increase, making the task of ensuring security on the client's machine all the more implausible. Ultimately, consumer infection has become a business problem. This means that businesses need to start dealing with this growing threat. While providers should urge consumers to be prudent, they must learn how to interact with infected consumers and create a safe business environment for them regardless of the general threat. These solutions include identifying account takeover, defeating phishing campaigns, detecting infected clients, interacting with infected clients and even sandboxing client sessions.

For more information see the Imperva Blog
