What's more interesting is the shift from malware targeting Linux servers to malware targeting Linux desktop. I think we'll see companies starting to offer antivirus for regular home Linux users soon (not just corporate installs which have legitimate concerns even now).
What I'm interested in is of course actual numbers and collection method.
> According to data analysis the Atlas VPN team released on Jan. 18, new Linux malware threats hit record numbers in 2022, increasing by 50% to 1.9 million.
> Compared to 2021, when 121.6 million samples were detected, new malware numbers overall dropped by 39% to 73.7 million in 2022. Most new Linux malware samples (854,690) were seen in the first quarter of 2022. But in the second quarter, new malware samples dropped by almost 3% to 833,065.
> Those Linux detection numbers plummeted again in the third quarter of last year by a staggering 91% to 75,841. But they picked up again in the fourth quarter of 2022, growing by 117% to 164,697.
> The Linux malware analysis is based on threat statistics from AV-Atlas, a threat intelligence platform from AV-Test GmbH, an independent research institute for IT security in Germany.
There's definitely something 'off' with the data if it can drop 91% in a quarter then pick up 117% in another. I also wouldn't trust any data collected by a company with "AV" in their name.
> There's definitely something 'off' with the data if it can drop 91% in a quarter then pick up 117% in another.
Not necessarily. If an exploited vulnerability is discovered and patched, you easily could observe such a dramatic trend. Or if a state sponsored one campaign ends, you also see a similar trend.
Now linux did have some very serious CVE's patched in 2022. On numerous occasions. Patch now campaigns can wipe out successful malware very quickly.
The the 90+% drop is an order of magnitude change and indeed 'big' but the subsequent 100+% increase is only a change by roughly 2x (less than half an order of magnitude).
The numbers for windows (~50x more popular than linux) were in millions, and the numbers for linux detections in the 100k's and tens of thousands:
quote:
>> Most new Linux malware samples (854,690) were seen in the first quarter of 2022. But in the second quarter, new malware samples dropped by almost 3% to 833,065.>
>> Those Linux detection numbers plummeted again in the third quarter of last year by a staggering 91% to 75,841. But they picked up again in the fourth quarter of 2022, growing by 117% to 164,697.
What's more interesting is the shift from malware targeting Linux servers to malware targeting Linux desktop. I think we'll see companies starting to offer antivirus for regular home Linux users soon (not just corporate installs which have legitimate concerns even now).
What I'm interested in is of course actual numbers and collection method.
> According to data analysis the Atlas VPN team released on Jan. 18, new Linux malware threats hit record numbers in 2022, increasing by 50% to 1.9 million.
> Compared to 2021, when 121.6 million samples were detected, new malware numbers overall dropped by 39% to 73.7 million in 2022. Most new Linux malware samples (854,690) were seen in the first quarter of 2022. But in the second quarter, new malware samples dropped by almost 3% to 833,065.
> Those Linux detection numbers plummeted again in the third quarter of last year by a staggering 91% to 75,841. But they picked up again in the fourth quarter of 2022, growing by 117% to 164,697.
> The Linux malware analysis is based on threat statistics from AV-Atlas, a threat intelligence platform from AV-Test GmbH, an independent research institute for IT security in Germany.
There's definitely something 'off' with the data if it can drop 91% in a quarter then pick up 117% in another. I also wouldn't trust any data collected by a company with "AV" in their name.
> There's definitely something 'off' with the data if it can drop 91% in a quarter then pick up 117% in another.
Not necessarily. If an exploited vulnerability is discovered and patched, you easily could observe such a dramatic trend. Or if a state sponsored one campaign ends, you also see a similar trend.
Now linux did have some very serious CVE's patched in 2022. On numerous occasions. Patch now campaigns can wipe out successful malware very quickly.
The the 90+% drop is an order of magnitude change and indeed 'big' but the subsequent 100+% increase is only a change by roughly 2x (less than half an order of magnitude).
The numbers for windows (~50x more popular than linux) were in millions, and the numbers for linux detections in the 100k's and tens of thousands:
quote: >> Most new Linux malware samples (854,690) were seen in the first quarter of 2022. But in the second quarter, new malware samples dropped by almost 3% to 833,065.>
>> Those Linux detection numbers plummeted again in the third quarter of last year by a staggering 91% to 75,841. But they picked up again in the fourth quarter of 2022, growing by 117% to 164,697.