Trojan Clicker tops January online threats report
Web-based threats continue to dominate during the first month of 2009, according to BitDefender’s latest E-threat Landscape report. Leading the Top Ten analysis was Trojan.Clicker.CM, with a share of 5.40 per cent. This device displays a significant number of commercial pop-up windows in the background of the user’s Web browser in order to lure the user to click.
The aim is to generate profits for advertisements registered within a pay-per-click system. To display the ads successfully, the Trojan uses several functions that bypass the Norton Internet Security Pop-up Blocker, for instance.
Trojan Wimad.Gen.1 and Trojan.Downloader.Wimad.A succeeded in raising 6.88 per cent in January 2009, making them some of the most common e-threats in the wild. Part of a very large family, these Trojans are spread with the aid of a network of malicious websites.
Usually distributed via e-mail spam campaigns as a 3.5Mb .wma attachment and bearing the name of some popular artists, the disguised Trojan automatically opens the Web browser in order to retrieve the ‘appropriate’ codec, which is, in effect, another piece of adware – Adware.PlayMp3z.A.
As predicted by BitDefender’s E-Threat Landscape Report, the exploits increased their volume in the last month, holding no less than four positions and almost 12 per cent in the current Top 10. For instance, Trojan.Exploit.SSX abuses vulnerable sites when a malicious SQL code is injected into their databases. The result is an invisible iFrame element that redirects the user to an infected Web site that attempts to download and install several malicious payloads.
Lastly, autorun infectors and downloaders occupied the remaining positions, with another noteworthy comeback of Packer.Malware.NSAnti.1 with its 2.09 per cent. This malware with worm functionality spreads via infected Web sites or through maliciously-crafted autorun.inf files within removable devices. NSAnti corrupts Internet Explorer behavior and steals user names and passwords for online games, such as Silkroad Online or Lineage.
“Web-based distributed malware is still the most successful type of e-threat in the wild and secondly: that previous productive breeds are back with the same or even higher percentage,” says head of BitDefender antimalware research, Sorin Dudea. “This confirms that the level of user awareness in terms of system security remains very low for defensive activities, such as patching the OS with the latest fixes, updating security suites or surfing the Web cautiously.”
BitDefender’s January 2009 Top 10 E-Threat list includes:
Position / name / percentage share
- Trojan.Clicker.CM - 5.40 per cent.
- Trojan.Wimad.Gen.1 - 4.32 per cent.
- Trojan.AutorunINF.Gen - 4.22 per cent.
- Trojan.Downloader.Js.Agent.F - 3.79 per cent.
- Trojan.Exploit.ANPI - 3.59 per cent.
- Trojan.Exploit.SSX - 3.36 per cent.
- Exploit.SinaDLoader.A - 2.70 per cent.
- Trojan.Downloader.Wimad.A - 2.56 per cent.
- Exploit.HTML.Agent.AO - 2.30 per cent.
- Packer.Malware.NSAnti.1 - 2.09 per cent.
Other malware - 65.67 per cent.