Evasive malware threats doubled in 2019

Sophisticated methods of attack that dodge detection are becoming commonplace

The proportion of 'evasive' malware threats that sneak past signature-based detection systems surged towards the end of last year, almost doubling against figures from last year.

Related Resource

How enterprises are embracing cyber security challenges

Enterprises across Europe, the Middle East and Africa are undergoing a significant transformation

Download now

Evasive malware threats comprised 68% in the fourth quarter of 2019, versus an average of 35% in 2019, according to a report by WatchGuard. The surge in these threats, as well as zero-day malware, are largely missed by traditional antivirus engines and show that sophisticated methods of attack are becoming more commonplace among hackers.

SQL injection, meanwhile, rose an enormous 8000% in the last quarter of 2019 against 2018, and was the most common form of network attack by some distance.

“Our findings from Q4 2019 show that threat actors are always evolving their attack methods,” said WatchGuard CTO Corey Nachreiner. 

“With over two-thirds of malware in the wild obfuscated to sneak past signature-based defenses, and innovations like Mac adware on the rise, businesses of all sizes need to invest in multiple layers of security. 

“Advanced AI or behavioural-based anti-malware technology and robust phishing protection like DNS filtering will be especially crucial.”

Chiming with the findings of a Malwarebytes report last month, Mac malware has also experienced a surge in the last few months. WatchGuard researchers found Mac adware returned to its top ten threats list, while a former study revealed that Mac malware detections overtook Windows for the first time.

Elsewhere, the study found that among the most common threats is a legacy Microsoft Excel flaw from 2017, assigned CVE-2017-11882, still being exploited by cyber cirminals. This ‘doppler’ exploit is heavily targeted at users in the UK, among other nations, and involves downloading several types of malware onto victims’ systems.

WatchGuard recommended that users ramp up the sophistication of their cyber security defences in light of the surge in evasive malware threats. This advice includes implementing a layered defence, instead of simply installing endpoint antivirus on workstations. 

Such an approach of multiple types of anti-malware from the perimeter through to the endpoint, including at least one implementation of behavioural detection instead of just signature-detection, will seriously enhance protections against emerging threats.

Featured Resources

Unlocking collaboration: Making software work better together

How to improve collaboration and agility with the right tech

Download now

Four steps to field service excellence

How to thrive in the experience economy

Download now

Six things a developer should know about Postgres

Why enterprises are choosing PostgreSQL

Download now

The path to CX excellence for B2B services

The four stages to thrive in the experience economy

Download now

Recommended

HackBoss malware is using Telegram to steal cryptocurrency from other hackers
cryptocurrencies

HackBoss malware is using Telegram to steal cryptocurrency from other hackers

16 Apr 2021
Weakness in Mamba ransomware could help recover data
ransomware

Weakness in Mamba ransomware could help recover data

26 Mar 2021
Invoice ZLoader campaign hides within encrypted Excel docs
malware

Invoice ZLoader campaign hides within encrypted Excel docs

8 Mar 2021

Most Popular

Microsoft is submerging servers in boiling liquid to prevent Teams outages
data centres

Microsoft is submerging servers in boiling liquid to prevent Teams outages

7 Apr 2021
University of Hertfordshire's entire IT system offline after cyber attack
cyber attacks

University of Hertfordshire's entire IT system offline after cyber attack

15 Apr 2021
Xiaomi Redmi Note 10 Pro review: Champagne tastes on a lemonade budget
Mobile Phones

Xiaomi Redmi Note 10 Pro review: Champagne tastes on a lemonade budget

13 Apr 2021