Malware Attacks Hit Constantly

Thursday, April 4, 2013 @ 04:04 PM gHale

Talk about having to remain vigilant: Businesses face an attack once every three minutes with advanced malware capable of avoiding detection from traditional tools such as firewalls and anti-virus software, a new report said.

Spear phishing remained the most common attack strategy for getting malware into an enterprise, said security firm FireEye in its H2 2012 Threat Report. The company said it based the report on data gathered from 89 million malware events, along with intelligence from its research team.


Spear phishing looks to trick victims into downloading malware by sending messages using common business terms designed to entice them to click on a malicious email file attachment or web link.

FireEye said most of the messages it detected masqueraded as shipping and delivery, finance, and general business topics, and the top term in malware file names was UPS. The firm said while attack methods remain simple, the malware the bad guys are using is getting more sophisticated.

“Several innovations have appeared to better evade detection. Instances of malware are uncovered that execute only when users move a mouse, a tactic which could dupe current sandbox detection systems since the malware doesn’t generate any activity,” FireEye researchers said.

“In addition, malware writers have also incorporated virtual machine detection to bypass sandboxing.”

FireEye chief technology officer Ashar Aziz said the malware evolution is proof businesses need to adopt new intelligence-based defense strategies.

“As cybercriminals invest more in advanced malware and innovations to better evade detection, enterprises must rethink their security infrastructure and reinforce their traditional defenses with a new layer of security that is able to detect these dynamic, unknown threats in real time,” Aziz said.
