2015 was a landmark year in cybersecurity, and the reports released by security vendors prove it. From ransomware and banking botnets, through targeted attacks and massive data breaches, to “average” social engineering and spam campaigns, malware researchers have seen nearly everything.
In 2016, things could get even worse because malware writers are constantly reinventing their methods.
Webroot researchers have analyzed more than 27 billion URLs, 600 million domains, 4 billion IP addresses, 20 mobile applications, 10 million connected sensors, and at least 9 million file behavior records.
Polymorphic Malware Is Here to Stay
The conclusion? In 97% of the infection cases, malware was found to be polymorphic, or unique to the system. Researchers say that almost all malware pieces and potentially unwanted programs rely on polymorphism.
What is polymorphism in the field of cyber security? Let’s take a polymorphic computer virus. It will change its virus signature every time it replicates itself and infects the next file. By doing so, the virus will evade detection by AV software.
It’s only logical that the polymorphic method is a large-scale issue. Traditional anti-malware solutions are at risk, since nearly all analyzed malware samples showed polymorphic patterns of behavior. Some threats displayed such behavior at the server level, where every generated executable file was unique. In other instances, the malware piece itself was polymorphic, meaning that it was unique to the victim that ‘received’ it.
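The limitation described above, as an added example (not from the Webroot report or this article): an exact-hash blocklist misses files that differ only in a per-victim stamp, while byte n-gram similarity to a known sample still links them. The inert sample blobs, the 4-byte n-gram size and the 0.8 threshold are assumptions chosen for this sketch.

```python
import hashlib

NGRAM = 4          # byte n-gram length (assumed for this sketch)
THRESHOLD = 0.8    # similarity cut-off (assumed for this sketch)

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def ngrams(data: bytes, n: int = NGRAM) -> set:
    """Set of all overlapping n-byte windows in data."""
    return {data[i:i + n] for i in range(len(data) - n + 1)}

def jaccard(a: bytes, b: bytes) -> float:
    """Jaccard similarity of the two n-gram sets (1.0 = identical sets)."""
    sa, sb = ngrams(a), ngrams(b)
    if not sa and not sb:
        return 1.0
    return len(sa & sb) / len(sa | sb)

# Constructed sample data: inert byte strings standing in for files.
# Every "file" shares one body and differs only in a short unique stamp,
# mimicking a server that hands each victim a unique build.
BODY = b"".join(b"routine-%03d:load;check;store;" % i for i in range(40))

def make_sample(stamp: bytes) -> bytes:
    return b"HDR" + stamp + BODY

KNOWN = make_sample(b"build-0001")                  # sample already on the blocklist
VARIANTS = [make_sample(b"build-7f3a"), make_sample(b"build-c91e")]
UNRELATED = b"".join(b"invoice line %d, qty %d\n" % (i, i * 3) for i in range(60))

BLOCKLIST = {sha256_hex(KNOWN)}                     # classic exact-match signature set

def classify(sample: bytes) -> dict:
    """Compare an exact-hash lookup with similarity to the known sample."""
    score = jaccard(sample, KNOWN)
    return {
        "hash_hit": sha256_hex(sample) in BLOCKLIST,
        "similar": score >= THRESHOLD,
        "score": round(score, 3),
    }

if __name__ == "__main__":
    for name, blob in [("known", KNOWN), ("variant-1", VARIANTS[0]),
                       ("variant-2", VARIANTS[1]), ("unrelated", UNRELATED)]:
        print(name, classify(blob))
```

Byte similarity only helps when variants still share content; a variant whose body is encrypted or repacked shares few n-grams with the known sample, so this illustrates the gap in exact signatures rather than a complete detection method.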
There were also major changes in terms of raw counts of malware and PUAs from 2014 to 2015. The number of new malware files increased by 29% from year to year, while the number of PUAs declined by 30% over the same time period. This indicates a significant shift in interest from PUAs to malware, although new PUAs are still roughly twice as common as new malware. It also shows a decline in malicious executables in general; the rate of growth in malware has historically been over 100% each year, so the 2015 rate of 29% marks a major decrease.[…] Now that malware is almost purely polymorphic, attackers are replacing malware variants with other malware variants, instead of replacing one traditional malware instance with many polymorphic instances.
For more information on polymorphic malware, have a look at the whole report by Webroot.