Trojans, Backdoors and Droppers: The Most-Analyzed Malware

The subtext here seems to be “beware of fashionable topics” in the infosec world. Mitigating risk in the early stages of the kill chain is the most effective use of your resources…:

[…] The threats that the malicious objects processed by the portal turned out to be most often associated with trojans. These boobytrapped software threats account for a quarter (25 percent) of the submissions.

Backdoors, which offer persistent remote access to devices or networks by cyberattackers, accounted for nearly a quarter – 24 percent. And finally, trojan-droppers, which are first-stage malware samples that initially land on a victim’s machine before fetching a main payload, account for 23 percent.

Source: Kaspersky

These do not, however, line up with the most common types of malware in circulation today.

“Trojans are usually the most widespread type of malware,” said the firm. “However, backdoors and trojan-droppers are not as common, only making up 7 percent and 3 percent of all malicious files blocked by Kaspersky endpoint products.” It added, “a number of requests were related to backdoors on the Linux and Android operating systems. Such malware families are of interest for security researchers, but their levels are relatively low in comparison to threats targeting Microsoft Windows.”

This difference between analyst interest and threat prevalence can be explained by the fact that researchers are often interested in the final target of the attack, while endpoint protection products are seeking to prevent it at an early stage, noted Kaspersky.

“For example, endpoint protection doesn’t allow an end user to open a malicious email or follow a malicious link, preventing backdoors from reaching the user’s computer,” according to the writeup.

News media coverage also appears to drive submissions to the portal, Kaspersky added. For instance, Emotet is a popular search in the portal, most likely because of a rash of reports about its capabilities in the first part of the year.


Original article here