When investigating malicious activity, cybersecurity researchers are focused mostly on three types of malware: Trojans (25 percent), backdoors (24 percent) and malware installers (23 percent).
This is according to data collected by security firm Kaspersky via its Threat Intelligence Portal.
However, Trojans are said to be by far the most common malware type, with backdoors and dropper making up just seven and three percent of all malicious files respectively.
Although there is a discrepancy between search volume and number of incidences, Kaspersky believes there is a logical explanation. According to the firm, many common attacks are blocked by endpoint products - and therefore do not require further analysis. Threats that are less commonplace, meanwhile, demand further investigation.
“We have noticed that the number of free requests to the Kaspersky Threat Intelligence Portal to check viruses, or pieces of code that insert themselves in over other programs, is extremely low – less than one per cent, but it is traditionally among the most widespread threats detected by endpoint solutions,“ said Denis Parinov, Acting Head of Threats Monitoring and Heuristic Detection.
“This threat self-replicates and implements its code into other files, which may lead to the appearance of a large number malicious files on an infected system. As we can see, viruses are rarely of interest to researchers, most likely because they lack novelty compared to other threats.”