Laatste nieuws

Trojans prevail in top e-threats list

July 2009


BitDefender released today a list of the top ten e-threats detected in May

It's trojans all the way (almost) with these simple, user-interaction driven pieces of malware occupying no less than six of the ten positions, including the top three.

First place in the BitDefender top ten goes to an infection technique, rather than a piece of malware. The autorun.inf exploitation code found in threats as diverse as Conficker and Sality tops out at 9.93% of detections, making it the most widespread exploit and the top e-threat of the month.

The positively ancient Trojan.Clicker.CM, a popup-serving program, can be found in second place with a whopping 9.23% of detections.

In third place is the Wimad trojan, an e-threat which masquerades as a video player, with 5.34% of detections.

A lowly bit of SWF exploit code, heavily used in malicious and compromised websites the world over, can be found in fourth, at 4.33%. Conficker is on the up again, for some reason, climbing in fifth position this month with 3.12% of detected infections.

A polymorphic file infector claimed sixth place this month, and if that sounds dangerous, it is. The virus infects executable files as well as network shares, re-writing itself in the process to avoid signature-based
scanners.

Once such an infected file gets executed directly, or the share it�s in gets opened with the "Autorun" option enabled, the virus installs a rootkit on the affected computer. The rootkit gives an attacker complete control, while the virus itself, oddly, acts as a port-scanner trying to find open UDP services on random computers.

The Storm Worm, in seventh place, is back from the e-dead. It returns as a dropped component, that is, it is not spreading on its own, but rather it is being installed by some other e-threat, presumably to be used as a "remote control" for the infected computer.

Trojan.Autorun.AET, a trojan which also spreads through shared folders via the Autorun misfeature in Windows, is in ninth place this month. And finally, the Trojan.JS.PYV closes the list at number ten, a new entry with 1.73% of detections.



BitDefender�s May 2009 Top 10 E-Threat list includes:

Trojan.Clicker.CM
Pos.Name%
1Trojan.AutorunINF.Gen9.93
29.23
3Trojan.Wimad.Gen.15.34
4Exploit.SWF.Gen4.33
5Win32.Worm.Downadup.Gen3.12
6Win32.Sality.OG2.25
7Trojan.Exploit.ANPW2.17
8Dropped:Trojan.Peed.Gen1.9
9Trojan.Autorun.AET1.87
10Trojan.JS.PYV1.73
OTHERS58.13


Share