FireEye Spotted Over 500 New Malware Families in 2019

[silversurfer]

Content source

https://www.securityweek.com/fireeye-spotted-over-500-new-malware-families-2019

FireEye’s incident response division Mandiant observed more than 500 new malware families last year, the company revealed in its M-Trends 2020 report released this week.

FireEye analyzed 1.1 million malware samples per day in 2019 and it tracked a total of 1,268 malware families. Of these malware families, more than 500 were not seen before.

While a majority of the new malware impacted either Windows or multiple platforms, the company has still seen tens of new malware families targeting macOS or Linux.

The FireEye Mandiant M-Trends 2020 report is available in PDF format.​

 

[Lenny_Fox]

Thx @silversurfer

Would be interested to know whether these new Linux families targeted desktop software or were targeting server side software, since Linux is the most used OS on servers.

 

[silversurfer]

Thx @silversurfer

Would be interested to know whether these new Linux families targeted desktop software or were targeting server side software, since Linux is the most used OS on servers.

You may be interested to read current reports by ESET:

Linux and malware: Should you worry?

Malicious code is nothing to worry about on Linux, right? Hold your penguins. Linux malware has gone from the sidelines to the headlines.

www.welivesecurity.com

Up close and personal with Linux malware

What are the main security threats facing Linux, especially servers, and how does Linux malware compare to malicious code targeting Windows ? A Q&A with ESET Senior Malware Researcher Marc-Etienne M.Léveillé.

www.welivesecurity.com

 

[Andy Ful]

From the second article:

"A lot of people think of Linux as an operating system with superior security compared to all the others. In 2020, I don’t think this is something that we can assert. Both Microsoft and Apple have put lots of effort into securing their platforms. For example, embedded code signatures in executable files and enforcing valid signatures for key system and device driver functionality is something that’s been available on Windows and macOS for years, while on Linux, it still is not widespread. I’m not saying Linux is insecure, but rather, like the other platforms, it has its strengths and weaknesses and certainly should not be considered bulletproof."

"Compared to Windows malware, Linux malware tends to be less obfuscated and easier to analyze. Obfuscation is often added to evade detection by security products. Since there are often no security products to bypass, the bar is lower and attackers skip this unnecessary step. I’m not saying that all Linux malware is easy to analyze and none is obfuscated; I am saying that on average the bar is lower. "

 

[ForgottenSeer 72227]

As time goes on trends change.

I don't think Linux users need to stress out yet, but it's something they will have to pay attention to as time goes on. Linux did something's better than Windows when it came to security, but like any software it's never 100% free of bugs, or potential security holes. Like MacOS, Linux went under the radar mostly due to lower marketshare compared to Windows. As they gain market share, or hackers change focus, they become more of a target and unfortunately they aren't as bulletproof as their users like to promote. Since the vast majority of Linux users don't run AV, the malware doesn't have to hide as well as it does on Windows, because what's going to detect it?

Chances are this is more geared towards servers, but it doesn't mean desktop users won't become a target either.

 

[g4nu5]

thnx for sharing