In the recently published edition of Security Intelligence Report (SIR), the company found out that attackers used Trojans more than any other malware on Microsoft services. Cyber threats are on the rise and with increased complexity in targets, Microsoft aims at making the user aware of the sources and types of malware that can affect his/her computer from anywhere in the world. This lets consumers and enterprise alike be knowledgeable before the attack takes place.
Trojan use is on the rise
Trojans, the study reveals, are the biggest form of malware that has been used by attackers in the past few months. In this graph, between the second and third quarters of 2015, their research showed that encounters involving Trojans increased by fifty-seven percent and stayed elevated through the end of the year. In the second half of 2015, Trojans accounted for five of the top ten malware groups encountered by Microsoft real-time antimalware products.
The increase was due in large part to Trojans known as Win32/Peals, Win32/Skeeyah, Win32/Colisi, and Win32/Dynamer. Also, a pair of newly detected Trojans, Win32/Dorv, and Win32/Spursint, helped account for the elevated threat level.
An important observation in the report was that although the total number of attacks were more frequent on client platforms, the incidence of Trojans was more on server platforms, used by enterprises. During the fourth quarter of 2015, Trojans accounted for three of the top ten malware and 4 of the top 10 malware and unwanted software families most commonly encountered on supported Windows server platforms were categorized as Trojans.
These observations show that all kinds of malware attacks have varying effects on the different operating system and their versions. Although the frequency could depend on how popular or not popular a certain OS is, it is mostly a random and varying factor.
How do Trojans work
Like the famous Trojan horse, software Trojans hide inside files or images or videos and then download malware on the host system.
They typically work like this:
- Backdoor Trojans provide attackers with remote unauthorized access to and control of infected computers
- Downloaders or Droppers are Trojans that install other malicious files to a computer they have infected, either by downloading them from a remote computer or by obtaining them directly from copies contained in their own code.
Now that you know what trojans are and how they can infect systems, you need to be extra aware and keep a look out for fishy and ‘clickbait’ material on the Internet. Apart from that, you can encourage people in your organization to use personal devices for social media and web surfing instead of using devices connected to your corporate network.
To know more in-depth details about the SIR findings, you can click here.