The Malware Trend Report Q1 2014 released by security provider RedSocks reveals that more than one in four malicious files identified in the first quarter of this year went undetected by three leading antivirus solutions the researchers were employing.
The researchers actively collect large numbers of malware samples through honeypots distributed across five continents and share large numbers of samples with the antivirus industry. The study indicates that antivirus solutions are letting a lot of threats go undetected.
“Protecting your data from Internet-based threats is not an easy task — and relying on protection from Anti-Virus companies, no matter how established their brand, is simply not enough. Comprehensive protection requires an entirely new approach,” the report’s authors said.
Key findings in the Q1 2014 report include:
- In the first 3 months of 2014, the total number of new malicious files processed per month went from ~7.0 million in January to ~5.2 million in February, finally escalating to ~8.2 million in March
- In January 29% of new threats were not detected; for February it was 35%; in March, 26% were not detected
- In January the number of identified Backdoors and Botnets was 181k while in February this number dropped to 97k. In March, however, we see the numbers triple to 276k
- The number of identified Trojans went from 3.4 million in January to 2.2 million in February, then up to an incredible 4.0 million in March
- “Trojan.Generic.10391474”, with 140k, was the most used Trojan of the first quarter
- In the Worms category, “Worm.Generic.389275” was by far the most popular with 833k instances
- Overall they identified 347k worms in January, 314k in February and 252k in March
- Among the top 10 countries hosting the busiest C&C servers, the United States led the first quarter of 2014, followed by the Russian Federation; Germany holds third place overall, but the United Kingdom was third in February and March
“A significant challenge to existing security infrastructures is that they depend on anti-virus software and firewalls to protect against threats at the enterprise level. Unfortunately, this level of protection is not robust enough to protect against data-compromising malware,” the company stated.
“Quite frequently these solutions do not alert you when malware finds its way into your system and also lack the flexibility to quickly adjust to the growing sophistication of malicious threats.”