https://github.com/rfxn/linux-malware-detect/archive/1.5.tar.gz
https://raw.githubusercontent.com/rfxn/linux-malware-detect/master/CHANGELOG.RELEASE
https://twitter.com/hashtag/maldet
I am pleased to announce the release of Linux Malware Detect version 1.5 which has been a year in the making. This release brings together 143 code commits with 31 new features, 75 feature improvements and 27 bug fixes. There was 12 contributors to the project in the last year across 4,758 new lines of code and 3,241 lines of code changes.
The last year has seen the project continue to grow rapidly, with installations by unique IP addresses pulling daily updates increasing from 74,291 a year ago to 131,063 as of this posting, effectively doubling in usage! This is an enormous footprint, without a doubt one of the, if not the largest open source malware remediation project currently in active use with an estimated 36 million domains under protection free of charge by Linux Malware Detect (source: dailychanges.com IP address to hosted domain counts). A quick drill down of usage data by IP address has LMD in use by 4,361 separate ASN organizations in 103 countries including 176 of fortune 500 corporations, 152 institutions of higher learning and 87 governmental organizations.
The usage trends alone are a compelling statement to the demand, the need, for not just free and open malware remediation solutions but one that is reliable and remains current against emerging threats. The commercial landscape of malware detection products that provide effective malware remediation in multi-user shared environments remains abysmal. An analysis of 8,883 malware hashes, detected by LMD 1.5, against 30 commercial anti-virus and malware products paints a picture of how poorly commercial solutions perform.
DETECTED KNOWN MALWARE: 1951
% AV DETECT (AVG): 58
% AV DETECT (LOW): 10
% AV DETECT (HIGH): 100
UNKNOWN MALWARE: 6931
Using the Team Cymru malware hash registry, we can see that of the 8,883 malware hashes shipping with LMD 1.5, there was 6,931 or 78% of threats that went undetected by 30 commercial anti-virus and malware products. The 1,951 threats that were detected had an average detection rate of 58% with a low and high detection rate of 10% and 100% respectively. There could not be a clearer statement to the need for an open and community driven malware remediation project that focuses on the threat landscape of multi-user shared environments.
A unique feature of the LMD project is the direct line of communication administrators have with the project through the use of the submission (checkout) feature for suspected malware (maldet -c FILE/PATH). The submission feature has grown to be the single largest source of new malware data for the project with over 6,000 uploads per week and growing. This has allowed the project to be highly responsive to emerging threats with automagic tools reviewing uploads and generating daily variant signatures from known malware and queuing for review any files that can't be classified, which are reviewed multiple times per-week.
I remain committed to the R-fx Networks projects and continuing to develop Linux Malware Detect for years to come alongside a community and industry that I call home. Thank you to all users, contributors and donators alike as without you as a collective group, the project would not be where it stands today