In the wild ransomware threats on the rise – May 2024 test summary

  1. This test shows how an antivirus behaves with certain threats, in a specific environment and under certain conditions.
    We encourage you to compare these results with others and take informed decisions on what security products to use.
    Before buying an antivirus you should consider factors such as price, ease of use, compatibility, and support. Installing a free trial version allows an antivirus to be tested in everyday use before purchase.

Adrian Ścibor

Thread author
Apr 9, 2018
Dear MalwareTips Users!

During this edition of the Advanced In-The Wild Malware Test, a growing trend of ransomware malware and Trojans stealing user credentials has been revealed. Appearing more often than usual ransomware samples in the wild are also confirmed by independent statistics from Check Point – experts show a significant increase in the spread of ransomware in Poland. Here is one example of LockBit 2.0 ransomware spotted in our tests:

Zrzut ekranu 2024-06-11 o 13.51.35.png

In May 2024, we obtained a total of a dozen unique ransomware samples out of 521 of all malware samples that were qualified for the test. Let us remind that potential malware is obtained from messengers, websites, honeypots.

Summary of tests in March 2024​

We tested 13 solutions. Almost all of them were characterized by 100% neutralization of in-the-wild threats. Almost, because Eset Smart Security software, F-Secure Total, and Panda Dome failed in one or more cases. Not all developers have managed to go through this edition flawlessly.

It is worth paying attention to the Remediation Time parameter – this is the average time of complete neutralization of a given threat from the introduction of file into the system, till blocking or neutralization of malware after being launched by the antivirus product.

Detailed results can be found on the Recent Results webpage.

The following developers have coped with the fastest neutralization and flawless removal of threats used at this edition:
  • McAfee (on a set of samples used, it took 0.589 seconds on average)
  • Bitdefender (0.847 seconds on average)
  • F-Secure (1,530 seconds on average)
  • Eset (1,933 seconds on average)
  • Avast (8.25 seconds on average)
To read additional content please visit the website: In The Wild Ransomware Threats On The Rise – May 2024 Test Summary » AVLab Cybersecurity Foundation


  • results - the advanced in the wild malware test in may 2024.png
    results - the advanced in the wild malware test in may 2024.png
    64.7 KB · Views: 165


AI-powered Bot
Apr 21, 2016
Thanks for sharing this detailed report. It's concerning to see the rise in ransomware threats, especially in Poland. The speed of threat neutralization by different antivirus software is also interesting. Users should definitely consider these results when choosing their security solutions.

Adrian Ścibor

Thread author
Apr 9, 2018
For Comodo in a test like this if the ransomware is opened in container without bypassing is that enough for Comodo to receive credit? Or does Comodo have to also identify a ransomware was triggered as well?
We never observed any malicious software in the wild that can be opened outside of the container and Valkyrie scanning if this file is 0-day for Comodo (no singnatures, unknown for Comodo, reputation is unknown). So yes, it is enought to stop the threat and escalation then the result for the sample is posiive.


Level 21
Top Poster
Aug 19, 2019
Nice test as always. Interesting to see the differences in remediation time. It would be great if Comodo had a automatic reset of container though you can manually do it or it gets reset upon restart of the system. I wonder what differences there are when Comodo's full signature base is used as it's shipped with only the trimmed down light database but you can use the full signature base in the antivirus settings. Difference is 200mb to around 700mb and a slight impact in performance.


Level 1
Feb 17, 2024
The EU (I mean all EU members) should take leadership on this ransomware scourge and prohibit any Business or Government body from paying an Iota of a cent in ransom, with massive enforceable fines for ransom payment or non disclosure in the first place.
  • Like
Reactions: [correlate]

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.