Fools Download Where Angels Fear to Tread

Our study illustrates that the risk of getting infected by malware that antivirus protection doesn´t detect is alarmingly high. New malware that the antivirus engines don´t have signatures for is likely to escape detection by a desktop antivirus solution. Taking precautions while using the Internet can protect users only to a certain extent. If they visit the wrong Web site or download a file infected with 0-day malware, they probably won´t be protected from infection. The malware specimens that our antivirus packages didn´t detect during our two-week exposure period suggest to us that signature-based antivirus software doesn´t provide sufficient protection for users who live on the bleeding edge with respect to where they obtain their software. Coupled with the exponential growth of new malware variants, our findings suggest that antivirus vendors have major problems keeping the signature lag within acceptable limits.