Rise of Evasive Malware

More than 80% of all malware samples are evasive

Lastline Labs

To avoid detection, evasive malware uses hundreds of methods, such as:

  • Sleeping for some time or doing useless work until the sandbox times out.
  • Detecting the sandbox and launching no attack.
  • Launching targeted attacks only on intended victim computers, identified by (e.g.) their IP addresses or user names.
  • Detecting user input, often not present in a sandbox.

In all of the cases above, the evasive malware appears harmless in the sandbox but launches an attack on the endpoint.

Evasive malware successfully defeats existing cybersecurity solutions by hiding its behavior in malware
sandboxes and then launching cyberattacks on live systems.

[Diagram labels: Network Traffic, Isolated Sandbox Environment, Malware Detection Engine, Live System]

The solution? SecondWrite technology.