1 hour ago

OPSWAT: Malware complexity jumps 127% in Six Months

Jan Miller, Chief Technology Officer of Threat Analysis at OPSWAT
Jan Miller, Chief Technology Officer of Threat Analysis at OPSWAT

OPSWAT has released its first-ever Threat Landscape Report, revealing key insights from over 890,000 sandbox scans in the last 12 months.

This report offers a unique lens into the evolving nature of cyberthreats. The findings are clear: traditional detection methods are being outpaced, with a 127% rise in malware complexity and a staggering 1 in 14 files—initially deemed ‘safe’ by legacy systems—proven to be malicious. This report is a call to action for industries relying on outdated defenses and the importance of multi-layered solutions.

Key Findings:

 127% Increase in Malware Complexity

Behavioral telemetry revealed a 127% rise in multi-stage malware complexity over the past year. OPSWAT’s sandbox uncovered layered threats designed to evade analysis, including obfuscated loaders such as NetReactor and evasive behaviors missed by traditional tools. These results show that modern malware intends to confuse, not flood, which is why OPSWAT’s pipeline is purpose-built to unpack that complexity.

Proactive Threat Detection

OPSWAT analysis reclassified 7.3% of files that were silent across open-source intelligence (OSINT) feeds as malicious, on average 24 hours earlier than public data sources. These were confirmed executions, not speculative flags, highlighting how adaptive analysis can close dangerous gaps left by static and reputation-based systems.

Campaign-Level Threat Correlation

With 890,000+ sandbox scans, OPSWAT connects the dots across threats. It identifies shared TTPs, reused C2 infrastructure, and behavioral patterns across campaigns. This provides defenders with context-rich, actionable intelligence instead of noisy indicators.

99.97% Detection Accuracy

OPSWAT’s behavioral and machine learning pipeline delivers results. Aided by a newly enhanced PE emulator, the platform identified sophisticated threats such as:

  • Clipboard hijacking via ClickFix
  • Steganography-wrapped loaders
  • C2 channels embedded in Google services
  • .NET Bitmap malware loaders delivering Snake Keylogger payloads

“Our strength lies in precision, behavioral depth, and early visibility into emerging attacks,” said Jan Miller, Chief Technology Officer of Threat Analysis at OPSWAT. “That’s what sets OPSWAT apart in delivering high-fidelity, context-aware threat intelligence.”

Why It Matters

As critical infrastructure, government systems, and enterprise networks face growing targeting from increasingly modular and evasive malware, the findings of this report spotlight the evolving adversary playbook and the need for integrated, multilayered solutions.

Cybersecurity leaders must now prioritize adaptability, shared intelligence, reassessing technology, and fast behavioral detection pipelines to protect systems from known threats, but also to keep pace with a rapidly evolving threat landscape and whatever is on the horizon.

Leave a Reply

Don't Miss

OPSWAT

OPSWAT Unveils OPX Lab in Dubai for Critical Infrastructure Security

Against a backdrop of rising geopolitical tensions and critical infrastructure becoming an
Tom Mullen, Senior Vice President, Business Development, OPSWAT

OPSWAT and SentinelOne Partner to Boost AI-Powered Malware Detection

OPSWAT and SentinelOne has announced their OEM partnership with the integration of

Welcome to

By signing or creating an account you agree with our Code of conduct & Privacy policy