Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
Search
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Almost Every Victim Sees Unique Malware, Webroot Says

    By
    Robert Lemos
    -
    February 24, 2016
    Share
    Facebook
    Twitter
    Linkedin
      malware variants

      Every snowflake may be unique, but now, so is nearly every piece of malware, according to the latest report by security firm Webroot.

      Last year, 97 percent of malware encountered by potential victims was a unique variant, the culmination of a trend that started more than a half decade ago, the company stated in its Webroot 2016 Threat Brief. While no antivirus company relies only on signatures—also known as “hashes”—to detect malware, slightly modifying the malicious programs to foil the first line of defense is an easy step for attackers, Grayson Milbourne, security intelligence director for Webroot, told eWEEK.

      “From a hash perspective, each of those threats are unique to that particular endpoint,” he said. “Those threats were only seen on the endpoint that recorded it.”

      Overall, the amount of malware seen by end users appears to be leveling off. Webroot detected only a slight increase in malware as a proportion of all unique files executed by its users. The number of potentially unwanted software programs blocked by Webroot, however, declined by almost half. In part, the drop is likely due to efforts by the Clean Software Alliance, a group dedicated to preventing unwanted software installs.

      “Because of the Clean Software Alliance, companies are doing a better job of leading people toward the legitimate source [of a desired program],” he said. “So the bad acting, pay-per-install groups are realizing that, if they are going to thrive, they have to act more like malware and evade detection. We see them using the same techniques now as most malware.”

      Webroot, however, saw a dramatic increase in the number of new Internet addresses from which malicious attacks came. On average, nearly 100,000 new Internet addresses showed signs of malicious behavior each day, making up about 40 percent of the 250,000 addresses showing daily signs of malicious activity, Milbourne said.

      “There is an increased migration into the unused, and otherwise thought-to-be-benign, IP space, which is a reaction by cyber-criminals as they try to stay ahead of Web companies,” he said.

      The trend appears to be a sign that criminals are moving away from using the same sites and systems for malicious activity. In 2014, Webroot detected malicious activity 46 times from the average IP address on its top 10,000 list of malicious actors. In 2015, the frequency dropped to 18 times a year, Milbourne said.

      “We track the top 10,000 IP addresses and how often we see malicious activity there,” he said. “We have seen a drop in the number of times we see malicious activity from those addresses.”

      Many of the sites are used as a destination for phishing victims. Webroot found that phishing attacks were twice as likely to masquerade as a technology company than as a financial firm. Google, Dropbox and Yahoo topped the list of technology firms whose credentials attackers sought, Milbourne said.

      “You would think that financial would be the target, but the technology companies provide more net value because if I can break into your email account at Google, I can then figure out what value you have,” he said.

      Avatar
      Robert Lemos
      Robert Lemos is an award-winning freelance journalist who has covered information security, cybercrime and technology's impact on society for almost two decades. A former research engineer, he's written for Ars Technica, CNET, eWEEK, MIT Technology Review, Threatpost and ZDNet. He won the prestigious Sigma Delta Chi award from the Society of Professional Journalists in 2003 for his coverage of the Blaster worm and its impact, and the SANS Institute's Top Cybersecurity Journalists in 2010 and 2014.

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      eWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      Zeus Kerravala - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      Wayne Rash - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Information

      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×