32% of computers with AV protection are infected
Posted on 10.02.2010
A SurfRight report shows statistics that give credibility to the lately popular opinion that one anti-virus solution is no longer enough to be sure your computer isn't infected.

The effectiveness of most anti-virus solutions relies still on the quality of the virus signatures, and sometimes on the heuristics capabilities of the programs. Aided by its partners, SurfRight had the idea of bundling up 7 anti-virus engines that have at their disposal an equal amount of anti-virus databases. They called it Hitman Pro 3.

The statistics that they presented regard a little over 100,000 users that have run their anti-virus solution during 55 days at the end of 2009. Granted that the users that downloaded and ran it were more likely to be infected, since they expect an infection (maybe their computer is running more slowly) or want a second opinion, so incidence of infection might be a little higher than usual. Nevertheless, it still illustrates the point - having an anti-virus solution doesn't guarantee safety.

Taking all that into consideration, here are the results they came up with:


The bottom line is: 32% of the computers with AV protection are infected.

Another good news is that the latest Windows Security Pack (no matter which version of the OS) always shows in a security advantage.

The list of top five malware that their solution encountered goes like this: Generic (all kinds of different malware), FakeAV (all kinds of rogue anti-virus/antispyware software), TDSS/Alureon, Delf and Virut. Here's a note to security researchers: what are the features that allow these to pass under the radar? This issue is worth a closer examination. SurfRight lists probable causes:
  • Rootkit behavior
  • Polymorphic malware
  • Polymorphic file infector viruses
  • Load, priorities and efficiency of malware research and response teams at AV vendors
The TDSS/Alureon rootkit, which resides on the third place of the aforementioned malware top list, was used as an example to demonstrate the findings. Although it has been around for quite some time, it is particularly apt at avoiding AV products. Here is how they fared:


Their conclusion? "Do not rely on just one protective layer to defend your data and privacy. Install a proper spam filter, update your web browser and make sure you have enabled the firewall on your computer or router. Always install the latest Service Pack, the latest software updates and keep your AV product up-to-date. And ideally, periodically run a second opinion scan with one or more alternative AV software."

To read the entire report with complete statistics, go here.






Spotlight

Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //