Intezer Featured in IBM X-Force Threat Index

Intezer

Banking trojans and ransomware were the top innovators in 2019 malware code evolution

Drawing on previous IBM X-Force collaboration in detecting new malware variants, we used our Malware Analysis technology to measure malware innovation made by adversaries between 2018 and 2019. This measure of innovation is the extent to which threat actors invested in developing new code, suggesting that adversaries are looking to expand their threat capabilities and evade detection.

Malware genetic code innovation 2018 vs. 2019

Data taken from our code genome database, containing billions of binary code pieces from known trusted and malicious software, shows that threat actors focused primarily on developing and evolving the codebase of banking trojans and ransomware, while maintaining a high level of effort towards modifying and creating crypto-mining malware strains. In contrast, generic botnet malware had less frequent code innovation year-over-year, indicating lesser investment in modifying its capabilities.

On average, in 2019 malware authors reused more pre-existing code to develop crypto-miners and DDoS botnets than they did in the previous year. This data suggests that adversaries have become less concerned with making innovations in these two threat categories.

On the contrary, 2019 saw an increase in the use of new, unique code written to develop banking trojans and ransomware. This evolution in writing more code from scratch suggests that adversaries are looking to expand their threat capabilities and evade detection.

Why is this significant? Heading into 2020, these code innovation trends may be indicative of the types of malware that will require more effort to identify and contain due to the investment made by adversaries to constantly evolve their code.

We want to thank IBM Security for including us in their annual threat intelligence index report. To read the full report, please visit their website.

Incorporate GMA into your security strategy. We offer Genetic Malware Analysis solutions for runtime cloud workload protection, incident response automation, threat intelligence, and more. Contact us to start using the tech today.

Intezer

Count on Intezer AI SOC to triage, investigate and respond to every alert at unmatched speed and accuracy.

Recommended Blogs
7MIN READ

Introducing Custom Agents: Automate your SOC, your way

Add your own agents and automations on top of the ones Intezer runs out of the box, take more of the manual work off your analysts, and tailor AI SOC to the way your team actually operates.
11MIN READ

The other half of the AI SOC: Intezer, now inside your AI workspace

Your team already lives in, Claude, Codex, Cursor, etc. Discover how to transform them into true security workspaces.
23MIN READ

How attackers are gaining access to LLM inference

Threat actors are wiring live LLM APIs into malware to generate malicious logic at runtime, and this research maps the five routes they use to access AI models for free.