Approximately half (49%) of the total number of malicious files are coming of email traffic, according to a study by Positive Technologies, which analyzed data from 18 pilot projects implementing the technology PT Sandbox.
About a third (31%) of all malicious files are found in network traffic. One in five (20%) instances of malware reside in shared folders and repositories or are uploaded for manual review via the web interface.
Executable files with the .exe extension are the most common, accounting for 52% of malware found in emails and 46% of malicious software extracted from network traffic.
Another 17% of malware have .html and .htm extensions, while about 15% are distributed with .doc (including .docx, .docm) and .xls (.xlsx, .xlsm) extensions, the study found. registered a total of 122 families of dangerous software and more than 1800 malicious files.
Most often, attackers disguise their letters as requests to clarify the prices of goods or services (35%), payment messages (20%) and orders (17%), for the delivery of documents and goods (13%).
According to the report, Trojans account for the lion’s share of the total volume of malware – 91%. In addition, a large proportion of the samples turned out to be spyware – approximately 32%. Identity theft takes up about 21%.