
IT Developments
Major antivirus engines failing to detect malware
- From: Brian Warkoczeski
- Date: Thu Jul 16 14:52:58 2009
Major antivirus engines failing to detect malware
By Vivian Yeo ZDNet Asia
Jul 15, 2009
http://news.zdnet.com
Antivirus vendors are having trouble keeping up with e-mail viruses,
according to a new security report.
Released Tuesday, the Commtouch Q2 2009 Internet Threats Trend Report
noted a spike in the number of e-mail viruses that slipped past major
antivirus engines between late May and June. The security vendor based
its findings on the analysis of over 2 billion e-mail messages and
Internet transactions daily in its cloud-based global detection centers.
The dramatic rise, said the Israel-headquartered security vendor, was
due to "aggressive" new variants of a number of Trojans. Several
outbreaks had a wide distribution, which caused malware numbers to
increase exponentially from typically low quantities circulated via e-mail.
With every new malware variant, there is a window where antivirus
companies recognize and implement dedicated new signatures to protect
their customers, explained Commtouch. This method, however, proved
inefficient with the massive growth, so security vendors resorted to
generic signatures to block all variants of the same malware family,
which have not been effective against the recent variants, it added.
"For the last year-and-a-half, antivirus engines effectively blocked
many virus variants with generic signatures," Amir Lev, chief technology
officer of Commtouch, said in a company statement. "In the second
quarter, however, malware distributors introduced large quantities of
new variants which are immune to these generic signatures, therefore
causing sharp increases in undetected malware samples that were blocked
by Commtouch."
Some of the top malware cited by Commtouch as undetected by major
antivirus software were Mal/WaledPak-A, Troj/Agent-KBE and Mal/WaledPak-A.
The report also noted a sharp rise in the number of newly activated
zombie PCs or bots during the same period. For the second quarter, an
average of 376,000 new bots were activated each day for malicious use.
Between April and June, Brazil had the biggest share of zombie machines,
with a 17.5 percent share of global bot activity, said Commtouch.
Mac malware is also on the rise, according to the company. Last month,
security researchers warned of two new attacks targeting OS X users.
Citing security software company ParetoLogic, Commtouch said in its
report there was an increasing number of Mac Trojans in the wild, as
malware writers expand their attack surface by including as many
platforms and browsers as they can. This trend is expected to continue
for the rest of the year, it added.
This article was originally posted on ZDNet Asia.