Intezer Featured in IBM X-Force Threat Index

Intezer

Banking trojans and ransomware were the top innovators in 2019 malware code evolution

Drawing on previous IBM X-Force collaboration in detecting new malware variants, we used our Malware Analysis technology to measure malware innovation made by adversaries between 2018 and 2019. This measure of innovation is the extent to which threat actors invested in developing new code, suggesting that adversaries are looking to expand their threat capabilities and evade detection.

Malware genetic code innovation 2018 vs. 2019

Data taken from our code genome database, containing billions of binary code pieces from known trusted and malicious software, shows that threat actors focused primarily on developing and evolving the codebase of banking trojans and ransomware, while maintaining a high level of effort towards modifying and creating crypto-mining malware strains. In contrast, generic botnet malware saw less frequent code innovation year-over-year, indicating less investment in modifying its capabilities.

On average, in 2019 malware authors reused more pre-existing code to develop crypto-miners and DDoS botnets than they did in the previous year. This data suggests that adversaries have become less concerned with making innovations in these two threat categories.

Conversely, 2019 saw an increase in the use of new, unique code written to develop banking trojans and ransomware. This shift towards writing more code from scratch suggests that adversaries are looking to expand their threat capabilities and evade detection.

Why is this significant? Heading into 2020, these code innovation trends may be indicative of the types of malware that will require more effort to identify and contain due to the investment made by adversaries to constantly evolve their code.

We want to thank IBM Security for including us in their annual threat intelligence index report. To read the full report, please visit their website.

Incorporate Genetic Malware Analysis (GMA) into your security strategy. We offer Genetic Malware Analysis solutions for runtime cloud workload protection, incident response automation, threat intelligence, and more. Contact us to start using the tech today.
