Published: Mar 26, 2024


Surfshark Antivirus: which cyberthreats are the most common?

Since the start of the year, 117 threat types and over 9,000 unique threats were recorded by Surfshark Antivirus. Let's delve into the data and identify the most prevalent malware attacks. Stay safe!

Key insights

  • In January, viruses accounted for over 50% of all detected threats, and trojans took the spotlight in February, comprising just over 30% of the total. As for March, viruses are resurging, although unwanted applications, heuristics, and adware are steadily increasing their relative share of detected threats.
  • Viruses, the most frequently recorded threat category, had around 700 unique threats. The most prevalent virus detected was “Proxy.Agent,” predominantly affecting Apple users. The virus changes users’ search results in browsers, redirecting them to malicious websites distributing infectious software or prompting users to enter sensitive/payment information under false pretenses.¹
  • Trojans, the second most common threat category, encompassed over 2,000 individual threats. The most frequently observed trojan was “Dropper.Gen,” which disguises itself as a legitimate Windows process, posing a serious threat by facilitating the installation of more dangerous malware or unwanted adware.²
  • The third most prominent threat type, potentially unwanted applications (PUAs), had just over 950 unique threats. The most prominent threat in this category was “OfferCore.Gen,” characterized by its bundling installation method. When users install desired programs, they unknowingly agree to install other, often unwanted, programs. This practice can result in persistent pop-ups, unexpected charges for undesired apps, and a significant slowdown in computer performance.³
  • Heuristics and adware ranked as the fourth and fifth most frequently observed threat types, respectively. Heuristics detect shared characteristics among virus variants, providing an initial alert for unknown viruses by analyzing code and scanning for malware-specific functions. However, it's crucial to note that heuristic threats may yield false positives, as behavior patterns resembling malware can trigger alarms even when no real threat exists.⁵ In the case of adware, the most frequently identified threat was “Adware/related,” notorious for generating intrusive advertising pop-ups on browsers. It can trick users into downloading viruses, making payments, or giving other sensitive information under deceptive conditions.⁴

Methodology and sources

Detected threat types/categories, the threats within those categories, and their relative frequency were collected from Surfshark Antivirus anonymously on March 18, 2024. The data spans January 1 to March 17, 2024. The threat counts were aggregated by month and by threat type. We also examined the most prominent threats in each threat type/category to investigate their potential impacts.

You can learn more about the various threats on our antivirus support page⁵.

For the complete research material behind this study, visit here.

References:

¹ Tomas Meskauskas (2023). PC risk. What is 'proxy virus'?
² Tomas Meskauskas (2021). PC risk. What is Isass.exe?
³ Tomas Meskauskas (2021). PC risk. What is "Win32/OfferCore"?
⁴ Ben Lutkevich (2021). TechTarget. adware
⁵ Surfshark (2024). Different malware types.