Trojans are the most widespread type of malware finds Kaspersky

The Kaspersky Threat Intelligence Portal helps analysts to reveal the background of an attack such as the intended target, origin and popularity etc more quickly. Kaspersky experts examined free requests to the Kaspersky Threat Intelligence Portal to reveal which threats malicious objects processed by the portal are most often associated with.

In most cases, submitted hashes or suspicious uploaded files turned out to be Trojans (25% of requests), Backdoors (24%) – malware that gives an attacker remote control over a computer – and Trojan-Droppers (23%) that install other malicious objects. Statistics from Kaspersky Security Network also show that Trojans are usually the most widespread type of malware. However, Backdoors and Trojan-Droppers are not as common – they only make up 7% and 3% of all malicious files blocked by the Kaspersky endpoint products.

This difference can be explained by the fact that researchers are often interested in the final target of the attack, while endpoint protection products are seeking to prevent it at an early stage.

Also, the popularity of these categories can be explained by the interest in particular threats and the researchers’ need to analyze them in more detail. For example, many users actively searched for information about Emotet, as several news articles appeared about this malware at the beginning of the year. A number of requests were related to Backdoors on the Linux and Android operating systems. Such malware families are of interest for security researchers, but their levels are relatively low in comparison to threats targeting Microsoft Windows.

“We have noticed that the number of free requests to the Kaspersky Threat Intelligence Portal to check viruses or pieces of code that insert themselves in over other programs, is extremely low – less than one percent, but it is traditionally among the most widespread threats detected by endpoint solutions. This threat self-replicates and implements its code into other files, which may lead to the appearance of a large number of malicious files on an infected system. As we can see, viruses are rarely of interest to researchers, most likely because they lack novelty compared to other threats,” – commented Denis Parinov, Acting Head of Threats Monitoring and Heuristic Detection.