Skip to content
SonicWall First to Identify 73 Percent of New Malware with Capture ATP Sandbox

SonicWall First to Identify 73 Percent of New Malware with Capture ATP Sandbox

Last month, I wrote how we found nearly 26,500 new forms of malware and shared some general stats.  Let’s take a look at the new threats found by SonicWall’s network sandbox, Capture Advanced Threat Protection (ATP). While the general number of new threats dropped, there were some interesting figures and trends to point out. Of the 16,115 new forms of malware and zero-day attacks:

  • Only 4,321 were known by one other security firm (that we partner with), just moments before us
  • This means over 73 percent (11,794) were never seen until SonicWall identified them

This is very encouraging because it demonstrates three important points:

  1. The SonicWall customer base of Capture ATP subscribers are protecting each other by serving up samples before researchers can find them
  2. The technology is working wonderfully
  3. The month-over-month data proves that SonicWall is your best defense against new threats

Interestingly, last year at this time, I was finding a lot of ransomware versions by the big boys, such as Locky & Cerber. Now we are seeing attacks from copycat malware authors who conduct smaller attacks. The overall numbers are down, but the number of cybercriminals involved are up. As a result, a lot of ransomware attacks may fly under the radar. Plus, this is what is now hitting the radar: credware.

What is Credware?

Credware is a term for a type of malware that is designed to steal credentials — and I’m finding a lot of credware every day, in many formats. I see new forms of spyware and a lot of Trojans that are going after all of those saved passwords in browsers. Since Chrome is harder to attack, hackers are targeting saved passwords in Firefox, Safari, Opera, Internet Explorer, and Edge. (See below).

Infected Documents

Hackers are adding their new versions of malware inside of document, such as Microsoft Word and PDFs. On a typical day, I saw that roughly 3-6 percent of new malware samples are found in these file types, but I have noticed a large increase as the days progressed. Some days, as much as 39.3 percent of malware is found in digital documents, mostly Office files. Even if I set a high baseline of 5 percent, you can see how some days have an alarming rate of malicious documents (See below). What is also surprising about this data is that you would expect a lot of this to be found in email traffic. Although most of it was, a lot of it was not, especially PDFs. In fact, on Sept. 26, 82 percent of malicious PDFs were found online by protected customers. This data comes on the heels of SonicWall improving its backend performance for how quickly we can examine and return a verdict for PDFs. As we look back at the data, I’m happy to announce that the median time to process a file is around one second, and 71.3 percent of all files in September were processed with a verdict in under five seconds. If you’d like more information on how you can add Capture ATP to protect your network and network based endpoints read: Executive Brief: Why network sandboxing is required to stop ransomware.

Previous article SonicWall’s Tiffany Haselhorst Joins 2020 CRN 100 Rising Female Stars List

More SonicWall News Posts

  • Product Security Notice:  SONICWALL SSL-VPN SMA100 Series Vulnerabilities
    December 7, 2023 Esther McNally

    Product Security Notice: SONICWALL SSL-VPN SMA100 Series Vulnerabilities

    SONICWALL SSL-VPN SMA100 version 10.X is affected by multiple vulnerabilities Overview CVE-2023-44221: Post Authentication OS Command Injection Vulnerability (CVSS Score: 7.2) Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege...

    Read now
  • Turn On Your MFA
    November 9, 2023 Esther McNally

    Turn On Your MFA

    With millions of stolen credentials currently up for sale, the time for stronger authentication is now. In “Star Trek: The Next Generation,” Jean-Luc Picard famously said, “It is possible to commit no mistakes and still lose.” This applies to many...

    Read now
  • Password Pro Tips
    November 7, 2023 Esther McNally

    Password Pro Tips

    A solid password is instrumental to keeping your important accounts and information safeguarded. October is typically associated with pumpkin spice lattes, college football, crunching leaves underfoot and ghostly fun, but did you know it’s also Cybersecurity Awareness Month? This is...

    Read now