Traditional antivirus fails to protect 40 percent of users
Conventional antivirus solutions are failing to protect users from attacks according to a Malwarebytes report.
The study is based on real-world clean up scans performed by Malwarebytes. Nearly 40 percent (39.18percent) of all malware attacks cleaned on endpoints with an AV installed occurred on endpoints that had two or more traditional AV solutions registered.
In addition 39.16 percent of attacks on endpoints with a non-OS bundled AV installed occurred on an endpoint running one of the four leading traditional AV solutions.
"The results of these scans clearly indicate the ineffectiveness of today's traditional AV solutions and, more importantly, the unknown risks to users that depend only on these AV platforms to stay safe," says Marcin Kleczynski, CEO of Malwarebytes. "Antiquated AV technology is no longer enough to protect from sophisticated cyberthreats. It's crucial that consumers and businesses understand this now before they become a victim of the next attack."
The findings also show the top ransomware types detected on compromised machines are Hidden Tear (41.65 percent) and Cerber (18.26 percent). Botnets most often detected include IRCBot (61.56 percent) and Kelihos (26.95 percent). The most prevalent Trojan types bypassing traditional AV detections are Fileless (17.76 percent) and DNSChangermalware (17.51 percent).
Of ransomware attacks 48.59 percent of Hidden Tear and 26.78 percent of Cerber events were found on a compromised endpoint that had at least one of the four leading traditional AV brands installed.
To show how widespread the problem is, Malwarebytes has produced a real-time heatmap that shows each time Malwarebytes remediates instances of malware on endpoints that have a traditional AV registered. It also shows the numbers of attacks missed by leading antivirus programs.