Security

The state of malware: 4 big takeaways from AV-TEST's 2016 report

The new report details increased risks to Android and Apple products and the top 10 Windows malware programs of 2016. Here's what your business needs to know to stay safe.

istock-488253356.jpg
Image: iStockphoto/weerapatkiatdumrong

2016 saw a host of new cybersecurity threats and breaches—there are currently 578.7 million malware programs in existence, with four to five new malware threats per second, according to AV-TEST's Security Report 2015/16, released on Monday. That number is projected to rise to more than 600 million by the end of the year, the report stated.

"Cyber criminals think like businesspeople, and they have to," according to a press release. "Because in their line of business, competition is growing stiffer all the time. Even if they manage to flout all other laws, they are forced to conform to the rules of the market if they want to achieve economic success."

The security report states that business is the main driver in the development of new cyber threats across all devices and platforms. The research is based on an evaluation by a team of more than 30 IT specialists in the AV-TEST institute, using the VTEST multi-virus scanner system that scans more than three million files per day.

Here are the top four takeaways from the report, and what your company needs to know to protect itself.

SEE: How to secure your IoT devices from botnets and other threats

1. Android is becoming more vulnerable to cybersecurity threats

screen-shot-2016-11-28-at-11-05-03-am.png
Image: AV-TEST

While the majority of malware deployed in 2015 and 2016 targeted Windows, the most widely-used operating system in the world, Android is increasingly under fire as well. Malware attacks on Android platforms jumped from about 3% in 2015 to nearly 7.5% in 2016.

Though it seems like a fairly small percentage jump, it represents an increase of millions of attacks, and marks "a significant trend away from Windows and towards Android," the report stated. The AV-TEST systems detected nearly 17 million malware samples for Android, the most heavily-used mobile platform.

Initially, cyber criminals were hesitant to attack the open-source platform, the report stated. But with the increasing distribution of smartphones, tablets, and other Android devices, the platform became a more popular target. The growing range of apps also gave criminals a new way to deploy malware.

Today, more than 99% of all malware programs targeting mobile systems are aimed at Android devices, the report stated. The most widely-distributed Android trojan malware program for the past two years is known as "Agent." It enters devices via infected apps, and can hijack unprotected devices when they visit infected websites, loading other malware or allowing hackers to downgrade device security systems remotely and steal personal information.

screen-shot-2016-11-28-at-11-05-39-am.png
Image: AV-TEST

2. Mac's security fortress is just an illusion

Many Apple Mac users believe that the devices cannot be infected with a virus—even those using Macs in the enterprise, the report stated. And compared to Windows, the number of malware programs attacking Apple's Mac platform is tiny: Just 819 malware threats targeted Macs in 2015. However, that does not mean that these attacks were not serious. Plus, attackers would not need to program a large number of malware applications to obtain data from Mac users, as they rarely have antivirus solutions installed, the report said.

In 2014, Apple retracted its statement that "a Mac cannot be infected," after the Flashback Trojan hijacked 600,000 Macs through a Java exploit in macOS X.

Malware attacks on the Mac OS platform only jumped from 0.06% to 0.07% between 2015 and 2016, due in part to owning a smaller market share than Windows devices.

"Hardware on which an Apple operating system is running has always been considered safe per se. But appearances can be deceiving," the report stated. "While there is considerably less malware than for Windows, Mac users still need to be protected."

SEE: How enterprise companies can raise internal cyber-risk awareness

3. The rise of potentially unwanted applications (PUA)

A new cyber risk comes in the form of potentially unwanted applications (PUA), which are deployed by the advertising industry to track personal information on user and movement patterns, and to then display personalized advertising without the consent of the user. PUA represented nearly one-third of the online risks in 2015, the report stated, and are steadily increasing.

About 94% of all 2015 PUA detections were found on Windows machines. While malware attacks on Macs remain relatively low, over 76,000 PUA samples were launched to spy on and advertise to Mac users in 2015. And the number of PUA samples for Android has also increased dramatically in the past year, from 4.5% of all PUA attacks in 2015 to more than 18% in 2016.

4. The top 10 Windows malware of Q1/Q2 2016

More than 85% of malware attacks occurred on Windows machines in 2015, with that number dropping to 67% in 2016.

Despite the drop, the vast majority of these attacks still occur on Windows operating systems. Some 12 million new Windows malware programs enter the market each month, the report found. Here are the top 10 malware for Windows to keep an eye out for:

screen-shot-2016-11-28-at-11-07-44-am.png
Image: AV-TEST


The internet worm "Allaple" reaches the no. 1 spot, and as the report notes, it has been wreaking havoc on PCs since 2006. The worm works through infected websites, and hijacks PCs via unpatched Windows vulnerabilities. It can also attack servers with weak password protection. Allaple presents a challenge for basic virus scanners, because it changes its code with each stored copy.

Also see

About Alison DeNisco

Alison DeNisco is a Staff Writer for TechRepublic. She covers CXO and the convergence of tech and the workplace.

Editor's Picks

Free Newsletters, In your Inbox