* [Blog](https://origin-researchcenter.paloaltonetworks.com/blog) * [Palo Alto Networks](https://origin-researchcenter.paloaltonetworks.com/blog/corporate/) * [Malware](https://origin-researchcenter.paloaltonetworks.com/blog/category/malware-2/) * Modern Malware Review: FT... # Modern Malware Review: FTP Surprises [](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Forigin-researchcenter.paloaltonetworks.com%2Fblog%2F2013%2F04%2Fmodern-malware-review-ftp-surprises%2F) [](https://twitter.com/share?text=Modern+Malware+Review%3A+FTP+Surprises&url=https%3A%2F%2Forigin-researchcenter.paloaltonetworks.com%2Fblog%2F2013%2F04%2Fmodern-malware-review-ftp-surprises%2F) [](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Forigin-researchcenter.paloaltonetworks.com%2Fblog%2F2013%2F04%2Fmodern-malware-review-ftp-surprises%2F&title=Modern+Malware+Review%3A+FTP+Surprises&summary=&source=) [](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://origin-researchcenter.paloaltonetworks.com/blog/2013/04/modern-malware-review-ftp-surprises/&ts=markdown) \[\](mailto:?subject=Modern Malware Review: FTP Surprises) Link copied By [Rene Bonvanie](https://www.paloaltonetworks.com/blog/author/rene/?ts=markdown "Posts by Rene Bonvanie") Apr 03, 2013 2 minutes [Malware](https://www.paloaltonetworks.com/blog/category/malware-2/?ts=markdown) [Reports](https://www.paloaltonetworks.com/blog/category/reports/?ts=markdown) [Threat Prevention](https://www.paloaltonetworks.com/blog/category/threat-prevention-2/?ts=markdown) [MMR](https://www.paloaltonetworks.com/blog/tag/mmr/?ts=markdown) [modern malware](https://www.paloaltonetworks.com/blog/tag/modern-malware/?ts=markdown) [Modern Malware Review](https://www.paloaltonetworks.com/blog/tag/modern-malware-review/?ts=markdown) [threat prevention](https://www.paloaltonetworks.com/blog/tag/threat-prevention/?ts=markdown) Last week, we announced our first Modern Malware Review, where Wade Williamson and other Palo Alto Networks experts had the opportunity to analyze 3 months of data from WildFire, including data from more than 1,000 real networks and more than 26,000 seemingly unique samples of malware collected in real enterprise networks (out of 60k+ that evaded AV solutions on customer networks). You can find the full report [here](http://media.paloaltonetworks.com/documents/The-Modern-Malware-Review-March-2013.pdf). We've gathered some interesting quotes from media coverage of the review below. Also, Wade speaks with Threatpost's Dennis Fisher about the MMR and some of the particularly compelling (dare I say alarming) findings in this podcast -- give it a listen [here](http://threatpost.com/en_us/blogs/wade-williamson-malware-trends-032113). "If you talk to most enterprise IT guys, they're not spending much time worrying about FTP because it's seen as a dusty old protocol. Some of these older protocols that are flexible and still work are being used by attackers because nobody is going to blink if they see it." -- Wade Williamson ([CRN](http://www.crn.com/news/security/240151603/palo-alto-pinpoints-older-ports-that-are-letting-in-malware.htm), March 25, 2013) "Most network managers don't give a second thought to FTP, but it's pretty obvious that attackers are thinking about it...a lot," -- Wade Williamson ([Security Bistro](http://www.securitybistro.com/blog/?p=6023), March 27, 2013) Can you sense the theme? FTP was observed to be exceptionally high-risk. FTP had the ignominious distinction of being both a common source of unknown malware as well as one of the sources that rarely received coverage. FTP was the most evasive application in terms of port evasion, and had one of the lowest detection rates in terms of malware. ![MMR](https://www.paloaltonetworks.com/blog/wp-content/uploads/2013/04/MMR.jpg) For more details on getting a handle on the scale of modern malware check out Wade's guest post on Security Week [here](http://www.securityweek.com/combating-emerging-threats-through-security-collaboration). Let us know what you think of the Modern Malware Review in the comments below. *** ** * ** *** ## Related Blogs ### [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Reports](https://www.paloaltonetworks.com/blog/category/reports/?ts=markdown), [Threat Prevention](https://www.paloaltonetworks.com/blog/category/threat-prevention-2/?ts=markdown), [Threat Research](https://www.paloaltonetworks.com/blog/category/threat-research/?ts=markdown), [Unit 42](https://unit42-dev2.paloaltonetworks.com) [#### Top Three Ways Organizations Were Unprepared for Cyberattacks in 2023](https://origin-researchcenter.paloaltonetworks.com/blog/2024/11/top-three-ways-organizations-were-unprepared-for-cyberattacks-in-2023/) ### [Cloud-delivered Security](https://www.paloaltonetworks.com/blog/sase/category/cloud-delivered-security/?ts=markdown), [News \& Events](https://www.paloaltonetworks.com/blog/sase/category/news-events/?ts=markdown), [Reports](https://www.paloaltonetworks.com/blog/category/reports/?ts=markdown), [Threat Prevention](https://www.paloaltonetworks.com/blog/category/threat-prevention-2/?ts=markdown) [#### Prisma Access Outperforms Against Cobalt Strike Attacks](https://origin-researchcenter.paloaltonetworks.com/blog/sase/prisma-access-outperforms-against-cobalt-strike-attacks/) ### [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Threat Prevention](https://www.paloaltonetworks.com/blog/category/threat-prevention-2/?ts=markdown) [#### UPDATED: Palo Alto Networks Protections Against WanaCrypt0r Ransomware Attacks](https://origin-researchcenter.paloaltonetworks.com/blog/2018/01/palo-alto-networks-protections-wanacrypt0r-attacks/) ### [Application Advisory/Analysis](https://www.paloaltonetworks.com/blog/category/application-analysis/?ts=markdown), [Malware](https://www.paloaltonetworks.com/blog/category/malware-2/?ts=markdown), [Mobility](https://www.paloaltonetworks.com/blog/category/mobility/?ts=markdown), [Threat Advisories - Advisories](https://www.paloaltonetworks.com/blog/category/threat-advisories-advisories/?ts=markdown), [Threat Prevention](https://www.paloaltonetworks.com/blog/category/threat-prevention-2/?ts=markdown), [Unit 42](https://unit42-dev2.paloaltonetworks.com) [#### Chinese Taomike Monetization Library Steals SMS Messages](https://origin-researchcenter.paloaltonetworks.com/blog/2015/10/chinese-taomike-monetization-library-steals-sms-messages/) ### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Incident Response](https://www.paloaltonetworks.com/blog/category/incident-response/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Threat Prevention](https://www.paloaltonetworks.com/blog/category/threat-prevention-2/?ts=markdown), [Unit 42](https://unit42-dev2.paloaltonetworks.com) [#### Introducing Unit 42 Managed XSIAM 2.0](https://origin-researchcenter.paloaltonetworks.com/blog/2026/02/introducing-unit-42-managed-xsiam-2-0/) ### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Reports](https://www.paloaltonetworks.com/blog/category/reports/?ts=markdown), [Threat Advisories - Advisories](https://www.paloaltonetworks.com/blog/category/threat-advisories-advisories/?ts=markdown), [Unit 42](https://unit42-dev2.paloaltonetworks.com) [#### 2026 Unit 42 Global Incident Response Report --- Attacks Now 4x Faster](https://origin-researchcenter.paloaltonetworks.com/blog/2026/02/unit-42-global-ir-report/) ### Subscribe to the Blog! Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more. ![spinner](https://origin-researchcenter.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up Please enter a valid email. By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder. This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply. {#footer} {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2026 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language