News Feature | September 10, 2015

New Malware Targets Sandbox-Based Gateway Appliances

By Ally Kutz, contributing writer

New malware is seeking out systems and affecting sandbox-based gateway appliances, according to new research released by Quick Heal Technologies.

The malware, named APT-QH-4AG15, was discovered last month; it was first found in the Philippines, targeting financial institutions. Study of the malware shows it was designed to hack into highly protected networks and carries several anti-virtual-machine and anti-sandbox schemes.

Sanjay Katkar, CTO at Quick Heal Technologies, commented, “Our initial findings have taught us that even the most advanced sandbox-based appliance protection can be breached. As a result, enterprises need to consider and implement multiple layers of protection to safeguard networks.”

According to Quick Heal, more than 90 percent of attacks on enterprises over the past few years have been a direct result of spear phishing, a strategy that relies on highly targeted messages. This led to the implementation and rise of sandbox-based gateway appliances, which offer advanced malware detection for incoming emails. With growing use of advanced persistent threat (APT) sandbox-based appliances in the enterprise, however, malware is now being designed to target them.

Farokh Karani, Quick Heal’s North America sales and channels representative, advised, “The best defense is layers of robust protection — from the network to the endpoints and across all mobile devices, with continuous updates made to ensure that all levels of protection are current.”