AVLab.pl Advanced In-the-Wild Malware Test January 2024

Disclaimer

  1. This test shows how an antivirus behaves with certain threats, in a specific environment and under certain conditions.
    We encourage you to compare these results with others and take informed decisions on what security products to use.
    Before buying an antivirus you should consider factors such as price, ease of use, compatibility, and support. Installing a free trial version allows an antivirus to be tested in everyday use before purchase.

Gandalf_The_Grey

Gandalf_The_Grey

Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,601
The new year 2024 in the January edition of the “Advanced In-The-Wild Malware Test” showed a higher number of malware samples than usual. According to our observations, based on the collected telemetry data from the test, this may be due to the above-average activity of malicious code authors who place their samples in the form of legitimate applications and installers on popular channels in Discord and Telegram messengers. There is a reason why we are talking about instant messaging and open groups that anyone can join, because in this series of tests, we are focusing on evaluating the effectiveness of software protecting Windows against real threats from a variety of sources on the Internet – including instant messaging which is very popular among home and office users.
Click to expand...
avlab-january-2024-tests-scaled.jpg security-tests-in-numbers-january-2024-avlab-scaled.jpg
avlab.pl

Recent Results In January 2024 » AVLab Cybersecurity Foundation

Recent results of the Advanced In The Wild Malware Test, in which we regularly evaluate software to protect devices.
avlab.pl avlab.pl
avlab.pl

TOP7 Windows Components Used By Malware - January 2024 » AVLab

The new year 2024 in the January edition of the "Advanced In-The-Wild Malware Test" showed a higher number of malware samples than usual.
avlab.pl avlab.pl
 
  • Like
  • Thanks
  • +Reputation
Reactions: MindaugasJ, brambedkar59, JB007 and 20 others
Bot

Bot

AI-powered Bot
Verified
Apr 21, 2016
3,460
The January 2024 edition of the "Advanced In-The-Wild Malware Test" has indeed revealed a higher number of malware samples compared to previous tests. This increase in malware samples can be attributed to the heightened activity of malicious code authors who are utilizing popular channels such as Discord and Telegram messengers to distribute their malware. By disguising their samples as legitimate applications and installers, these threat actors are able to reach a wider audience and potentially infect more systems.

The focus of this series of tests is to evaluate the effectiveness of software designed to protect Windows systems against real threats from various sources on the Internet, including instant messaging platforms like Discord and Telegram. These platforms are widely used by both home and office users, making them attractive targets for malware authors looking to spread their malicious code.

For more detailed information on the recent results of the test and the top 7 Windows components commonly used by malware in January 2024, you can visit the following links:
- Recent Results: [https://avlab.pl/en/recent-results/](https://avlab.pl/en/recent-results/)
- Top 7 Windows Components Used by Malware - January 2024: [https://avlab.pl/en/top7-windows-co...ows-components-used-by-malware-january-2024/)

These resources provide valuable insights into the current landscape of malware threats and the specific Windows components that are frequently targeted by malicious actors. Stay informed and stay protected!
 
nickstar1

nickstar1

Level 6
Verified
Well-known
Dec 10, 2022
264
simmerskool said:
It was also nice to see Malwarebytes tested and get a 100% and comparing with @Shadowra & @cruelsister recent video tests: Good > ok > sub-optimal. My best guess, all valid tests, some more valid than others, ;) or who is to encounter what kind of malware...:unsure:
Click to expand...
And according to the company a bunch of new features are coming through beta channels every 2 weeks.
 
  • Like
Reactions: JB007, oldschool, Trident and 1 other person
I3rYcE

I3rYcE

Level 12
Verified
Top Poster
Well-known
Nov 4, 2011
575
What are the file extensions? Pre launch phase values are quite misleading. Panda is 85% while Mcafee is 3%. Also I don't believe that Comodo has a better virus database. The samples are not extensive because most of them fall almost into one category.
 
  • Like
Reactions: brambedkar59, JB007, oldschool and 3 others
Adrian Ścibor

Adrian Ścibor

From AVLab.pl
Verified
Well-known
Apr 9, 2018
182
oldschool said:
I really like AVLab's testing style and reports. They appear to stand apart from the more established testing orgs. Very understandable presentation for the less technically inclined.
Click to expand...
Kindly thanks :) We try to make everything transparent and well explained.

I3rYcE said:
What are the file extensions? Pre launch phase values are quite misleading. Panda is 85% while Mcafee is 3%. Also I don't believe that Comodo has a better virus database. The samples are not extensive because most of them fall almost into one category.
Click to expand...
You can disclose all samples by downloading a CSV and comparing checksums e.g. VirusTotal. In general these are EXEs, but we are working to add macro files related to MS Office files. We tested the .VBS files as well, but found that they are all rubbish if in-the-wild. They either don't work or aren't adapted to Windows 10/11, which is why we don't use VBS so far.

Please ask if you have any suggestions.

PS. In other news, we have started testing EDR-XDR solutions for business and enterprise.
 
  • Like
  • +Reputation
  • Applause
Reactions: brambedkar59, JB007, roger_m and 7 others
Anthony Qian

Anthony Qian

Level 9
Verified
Well-known
Apr 17, 2021
448
It's nice to see not all tested products provide 100% protection. However, all products tested fell into the excellent category, with a relatively low differential.

Quality samples are crucial for a successful AV test. To enhance test quality, using fresh samples with clear malicious behaviors may help. Aim for the sample with a low VT detection ratio (e.g. below 20/60) to evaluate products' post-execution protection. By the way, many samples from Login | Triage are fresh and hard to detect by pre-execution scanning.
 
  • Like
  • Applause
Reactions: simmerskool, roger_m, brambedkar59 and 1 other person

Similar threads

Adrian Ścibor
    • Like
    • +Reputation
    • Thanks
AVLab.pl Product Of The Year 2024 – Recommended solutions for securing Windows
Replies
6
Views
941
Security Statistics and Reports
oldschool
oldschool
Adrian Ścibor
    • Like
    • +Reputation
    • Applause
AVLab.pl Windows 10 Pro under attack: Advanced In-The-Wild Malware Test in November 2023
Replies
0
Views
644
Security Statistics and Reports
Adrian Ścibor
Adrian Ścibor
Adrian Ścibor
    • Like
    • +Reputation
    • Thanks
AVLab.pl September 2023 - The Advanced In-The-Wild Malware Test (multi-layer protection is the key to effective protection against malware)
Replies
17
Views
1,754
Security Statistics and Reports
Sandbox Breaker
Sandbox Breaker

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top