We often hear Malware being referred to as a broad categorization for all bad things on the internet. In reality however, there are many different types of attacks that make up this threat category.
Data collected on the geographical distribution of malware “Phone Home” locations in the first half of 2009 shows that the USA hosts 35% of malware worldwide, followed by China (14%) and Brazil (8%). Additionally, cyber criminals use TCP port 80 most often for downloading and HTTP to transfer and send infections so they can avoid suspicion as these are both very common protocols.
Trojan malware rose the most in popularity in samples collected between January – June this year, and the penetration of viruses increased slightly. PUPs, Backdoors, and Worms declined just a little. Here’s how each category contributed to malware as a whole.
- Trojan – Trojans represent 55% of all Malware on the internet. Here’s how they work: Trojans perform a variety of malicious functions such as spying, stealing information, logging key strokes and downloading additional Malware.
- Backdoor (21%): Backdoors provide functionality for a remote attacker to log on and/or execute arbitrary commands on the affected system.
- Pup, a Potentially Unwanted Program (8%): PUPs are programs which the user may consent on being installed but may affect the security posture of the system or may be used for malicious purposes. Examples are Adware, Dialers and Hacktools/“hacker tools” (which includes sniffers, port scanners, malware constructor kits, etc.)
- Worm (6%): Worms self-propagate via e-mail, network shares, removable drives, file sharing or instant messaging applications.
- Virus (4%): Viruses propagate by infecting host files
