A new cyber security study reveals that Trojans, Backdoors and Droppers take the lion’s share of all malware attacks. It said 72 per cent of all malicious files that were analysed for the purpose of the study fall into these three categories.

It also finds that the types of malware that researchers most frequently investigate do not coincide with the most widespread ones.

“Malicious activity detection is only the starting point for attack investigation. To develop response and remediation measures, security analysts need to identify the target of attack, the origin of a malicious object, its popularity,” said a cyber security expert at Kaspersky.

Kaspersky Threat Intelligence Portal has gathered anonymised statistics from the requests that come to the portal to study the types of malware that cause the most concern.

In most cases, submitted ‘hashes’ or suspicious uploaded files turned out to be Trojans, constituting 25 per cent of the requests. They were followed by Backdoors (24 per cent), which give an attacker remote control over a computer, and Trojan-Droppers (23 per cent), which install other malicious objects in the victim’s computing systems.

Most widespread type of malware

The data gathered from Kaspersky’s Security Network also show that Trojans are usually the most widespread type of malware. The network processes cyber security-related data streams from millions of voluntary participants around the world.

“However, Backdoors and Trojan-Droppers are not as common. They only make up 7 per cent and 3 per cent of all malicious files blocked by our endpoint products,” he said.

This difference can be explained by the fact that researchers are often interested in the final target of the attack, while endpoint protection products seek to prevent it at an early stage.

For example, they don’t allow an end user to open a malicious email or follow a malicious link, preventing backdoors from reaching the user’s computer, he said.

“We have noticed that the number of free requests to the Kaspersky Threat Intelligence Portal to check viruses, or pieces of code that insert themselves into other programs, is extremely low – less than one per cent – but it is traditionally among the most widespread threats detected by endpoint solutions,” he said.

This threat self-replicates and inserts its code into other files, which may lead to the appearance of a large number of malicious files on an infected system.

“As we can see, viruses are rarely of interest to researchers, most likely because they lack novelty compared to other threats,” said Denis Parinov, Acting Head of Threats Monitoring and Heuristic Detection at Kaspersky.
