Trojans, Backdoors, Droppers take lion’s share in malware attacks, says study

K V Kurmanath Hyderabad | Updated on July 10, 2020 Published on July 10, 2020

A new cyber security study reveals that Trojans, Backdoors and Droppers take a lion’s share in all malware attacks. It said 72 per cent of all malicious files that were analysed for the purpose of the study fall into these three categories.

It also finds that the types of malware that researchers most frequently investigate do not coincide with the most widespread ones.

“Malicious activity detection is only the starting point for attack investigation. To develop response and remediation measures, security analysts need to identify the target of attack, the origin of a malicious object, its popularity,” said a cyber security expert at Kaspersky.

Kaspersky Threat Intelligence Portal has gathered anonymised statistics gathered from the requests that come to the portal to study the types of malware that bother most.

In most cases, submitted ‘hashes’ or suspicious uploaded files turned out to be Trojans, constituting 25 per cent of the requests. Backdoors (24 per cent) gives an attacker remote control over a computer, Trojan-Droppers (23 per cent) install other malicious objects in the victim’s computing systems.

Most widespread type of malware

The data gathered from Kaspersky’s Security Network also show that Trojans are usually the most widespread type of malware. The network processes cyber security-related data streams from millions of voluntary participants around the world.

“However, Backdoors and Trojan-Droppers are not as common. They only make up 7 per cent and 3 per cent of all malicious files blocked by the our endpoint products,” he said.

This difference can be explained by the fact that researchers are often interested in the final target of the attack, while endpoint protection products seek to prevent it at an early stage.

For example, they don’t allow an end user to open a malicious email or follow a malicious link, preventing backdoors from reaching the user’s computer, he said.

“We have noticed that the number of free requests to the Kaspersky Threat Intelligence Portal to check viruses, or pieces of code that insert themselves in over other programs, is extremely low – less than one per cent – but it is traditionally among the most widespread threats detected by endpoint solutions,” he said.

This threat self-replicates and implements its code into other files, which may lead to the appearance of a large number malicious files on an infected system.

“As we can see, viruses are rarely of interest to researchers, most likely because they lack novelty compared to other threats,” said Denis Parinov, Acting Head of Threats Monitoring and Heuristic Detection at Kaspersky.

Follow us on Telegram, Facebook, Twitter, Instagram, YouTube and Linkedin. You can also download our Android App or IOS App.

Published on July 10, 2020
This article is closed for comments.
Please Email the Editor