
97% of Malware Infections Are Polymorphic, Researchers Say


2015 has been a cornerstone in cybersecurity. And all the reports released by security vendors prove it. From ransomware and banking botnets, through targeted attacks and massive data breaches, to “average” social engineering and spam campaigns, malware researchers have seen nearly everything.

In 2016, things could get even worse because malware writers are constantly reinventing their methods.

Webroot researchers have analyzed more than 27 billion URLs, 600 million domains, 4 billion IP addresses, 20 mobile applications, 10 million connected sensors, and at least 9 million file behavior records.


Polymorphic Malware Is Here to Stay

The conclusion? In 97% of the infection cases, malware was found to be polymorphic, or unique to the system. According to the researchers, almost all malware pieces and potentially unwanted programs rely on polymorphism.

What is polymorphism in the field of cyber security?
Let’s take a polymorphic computer virus. It will change its virus signature every time it replicates itself and infects the next file. By doing so, the virus will evade detection by AV software.

It’s only logical that the polymorphic method is a large-scale issue. Traditional anti-malware solutions are at stake, since nearly all analyzed malware samples showed polymorphic patterns of behavior. Some threats displayed such behavior at the server level, where every generated executable file was unique. In other instances, the malware piece itself was an example of polymorphism, meaning that it was unique to the victim that ‘received’ it.
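To show why files that are unique per victim slip past exact-match signatures, here is an added example (not from the Webroot report or the original article) that compares a SHA-256 blocklist lookup with a byte n-gram similarity check on constructed, inert byte strings. It assumes, as a simplification, that variants share most of their bytes and differ only in a per-build filler region; all function names are hypothetical.

```python
import hashlib

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def shingles(data: bytes, n: int = 4) -> set:
    """All overlapping n-byte windows of the sample."""
    return {data[i:i + n] for i in range(len(data) - n + 1)}

def jaccard(a: bytes, b: bytes, n: int = 4) -> float:
    """Share of n-grams the two samples have in common (0.0 to 1.0)."""
    sa, sb = shingles(a, n), shingles(b, n)
    union = sa | sb
    return len(sa & sb) / len(union) if union else 1.0

def hash_match(sample: bytes, blocklist: set) -> bool:
    """Classic signature check: exact digest lookup."""
    return sha256_hex(sample) in blocklist

def similarity_match(sample: bytes, known: bytes, threshold: float = 0.8) -> bool:
    """Flag a sample that shares most of its n-grams with a known one."""
    return jaccard(sample, known) >= threshold

# Constructed, inert test data: a shared 800-byte body (assumption: variants
# keep most bytes in common) plus 32 bytes of per-build filler.
CORE = b"".join(bytes([i % 251, (i * 7) % 253]) for i in range(400))

def constructed_sample(build_id: int) -> bytes:
    filler = hashlib.sha256(b"build-%d" % build_id).digest()
    return CORE + filler

def unrelated_sample() -> bytes:
    return b"".join(hashlib.sha256(bytes([i])).digest() for i in range(25))

if __name__ == "__main__":
    known = constructed_sample(1)          # the file the vendor has seen
    blocklist = {sha256_hex(known)}
    fresh = constructed_sample(2)          # the file the next victim receives
    print("hash signature hit :", hash_match(fresh, blocklist))
    print("n-gram similarity  :", round(jaccard(fresh, known), 3))
    print("similarity hit     :", similarity_match(fresh, known))
    print("unrelated file hit :", similarity_match(unrelated_sample(), known))
```

Variants that also encrypt or rewrite their body would share few raw bytes, so byte similarity alone is not sufficient there; that is where behavior-based detection comes in.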

There were also major changes in terms of raw counts of malware and PUAs from 2014 to 2015. The number of new malware files increased by 29% from year to year, while the number of PUAs declined by 30% over the same time period. This indicates a significant shift in interest from PUAs to malware, although new PUAs are still roughly twice as common as new malware. It also shows a decline in malicious executables in general; the rate of growth in malware has historically been over 100% each year, so the 2015 rate of 29% marks a major decrease.[…] Now that malware is almost purely polymorphic, attackers are replacing malware variants with other malware variants, instead of replacing one traditional malware instance with many polymorphic instances.

For more information on polymorphic malware, have a look at the whole report by Webroot.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
