
Trojans, Backdoors, and Droppers top list of most-searched malware by security analysts

The statistics also show that the types of malware that researchers most frequently investigate do not coincide with the most widespread ones.

Anonymized statistics from free requests to the Kaspersky Threat Intelligence Portal have revealed that almost three quarters (72%) of the analyzed malicious files fell into three categories: Trojans, Backdoors, and Droppers. The statistics also show that the types of malware that researchers most frequently investigate do not coincide with the most widespread ones.

Malicious activity detection is only the starting point for attack investigation. To develop response and remediation measures, security analysts need to identify the target of attack, the origin of a malicious object, its popularity, etc. The Kaspersky Threat Intelligence Portal helps analysts to reveal the background of an attack more quickly. Kaspersky experts examined free requests to the Kaspersky Threat Intelligence Portal to determine which threats the malicious objects processed by the portal are most often associated with.

In most cases, submitted hashes or suspicious uploaded files turned out to be Trojans (25% of requests), Backdoors (24%) – malware that gives an attacker remote control over a computer – and Trojan-Droppers (23%) that install other malicious objects. Statistics from Kaspersky Security Network, the infrastructure dedicated to processing cybersecurity-related data streams from millions of voluntary participants around the world, also show that Trojans are usually the most widespread type of malware. However, Backdoors and Trojan-Droppers are not as common – they make up only 7% and 3% of all malicious files blocked by the Kaspersky endpoint products.

This difference can be explained by the fact that researchers are often interested in the final target of the attack, while endpoint protection products seek to prevent it at an early stage. For example, they don’t allow an end user to open a malicious email or follow a malicious link, preventing backdoors from reaching the user’s computer. On top of that, security researchers need to identify all the components inside the dropper.

Also, the popularity of these categories can be explained by the interest in particular threats and the researchers’ need to analyze them in more detail. For example, many users actively searched for information about Emotet, as several news articles appeared about this malware at the beginning of the year. A number of requests were related to Backdoors on the Linux and Android operating systems. Such malware families are of interest for security researchers, but their levels are relatively low in comparison to threats targeting Microsoft Windows. 


“We have noticed that the number of free requests to the Kaspersky Threat Intelligence Portal to check viruses, or pieces of code that insert themselves in over other programs, is extremely low – less than one percent, but it is traditionally among the most widespread threats detected by endpoint solutions. This threat self-replicates and implements its code into other files, which may lead to the appearance of a large number of malicious files on an infected system. As we can see, viruses are rarely of interest to researchers, most likely because they lack novelty compared to other threats,” commented Denis Parinov, Acting Head of Threats Monitoring and Heuristic Detection.

Kaspersky Threat Intelligence Portal is a single point of access for the company’s threat intelligence, providing all cyber-attack data and insights gathered by Kaspersky over more than 20 years.
