Evasive malware threats doubled in 2019

Sophisticated methods of attack that dodge detection are becoming commonplace

The proportion of 'evasive' malware threats that sneak past signature-based detection systems surged towards the end of last year, almost doubling against figures from last year.

Related Resource

How enterprises are embracing cyber security challenges

Enterprises across Europe, the Middle East and Africa are undergoing a significant transformation

Download now

Evasive malware threats comprised 68% in the fourth quarter of 2019, versus an average of 35% in 2019, according to a report by WatchGuard. The surge in these threats, as well as zero-day malware, are largely missed by traditional antivirus engines and show that sophisticated methods of attack are becoming more commonplace among hackers.

SQL injection, meanwhile, rose an enormous 8000% in the last quarter of 2019 against 2018, and was the most common form of network attack by some distance.

“Our findings from Q4 2019 show that threat actors are always evolving their attack methods,” said WatchGuard CTO Corey Nachreiner. 

“With over two-thirds of malware in the wild obfuscated to sneak past signature-based defenses, and innovations like Mac adware on the rise, businesses of all sizes need to invest in multiple layers of security. 

“Advanced AI or behavioural-based anti-malware technology and robust phishing protection like DNS filtering will be especially crucial.”

Chiming with the findings of a Malwarebytes report last month, Mac malware has also experienced a surge in the last few months. WatchGuard researchers found Mac adware returned to its top ten threats list, while a former study revealed that Mac malware detections overtook Windows for the first time.

Elsewhere, the study found that among the most common threats is a legacy Microsoft Excel flaw from 2017, assigned CVE-2017-11882, still being exploited by cyber cirminals. This ‘doppler’ exploit is heavily targeted at users in the UK, among other nations, and involves downloading several types of malware onto victims’ systems.

WatchGuard recommended that users ramp up the sophistication of their cyber security defences in light of the surge in evasive malware threats. This advice includes implementing a layered defence, instead of simply installing endpoint antivirus on workstations. 

Such an approach of multiple types of anti-malware from the perimeter through to the endpoint, including at least one implementation of behavioural detection instead of just signature-detection, will seriously enhance protections against emerging threats.

Featured Resources

Become a digital service provider

How to transform your business from network core to edge

Download now

Optimal business results with the cloud

Evaluating the best approaches to hybrid cloud adoption

Download now

Virtualisation that enables choices, not compromises

Harness the virtualisation technology that's right for your hybrid infrastructure

Download now

Email security threat report 2020

Four key trends from spear fishing to credentials theft

Download now

Recommended

Android malware vendor teams with marketer to promote new malware
malware

Android malware vendor teams with marketer to promote new malware

11 Jan 2021
Python-based malware steals Outlook files and browser credentials
malware

Python-based malware steals Outlook files and browser credentials

15 Dec 2020
Subway UK customers targeted by Trickbot hackers
hacking

Subway UK customers targeted by Trickbot hackers

14 Dec 2020
Power banks could infect your smartphone with malware
malware

Power banks could infect your smartphone with malware

9 Dec 2020

Most Popular

150,000 arrest records accidentally deleted from police database
data management

150,000 arrest records accidentally deleted from police database

15 Jan 2021
How to recover deleted emails in Gmail
email delivery

How to recover deleted emails in Gmail

6 Jan 2021
What is a 502 bad gateway and how do you fix it?
web hosting

What is a 502 bad gateway and how do you fix it?

12 Jan 2021