Trojans prevail in top e-threats
Trojans dominate BitDefender’s list of top 10 e-threats detected in May (2009), with these simple, user-interaction driven pieces of malware occupying six of the positions, including the top three.
First place in the BitDefender list goes to an infection technique, rather than a piece of malware. The autorun.inf exploitation code found in threats as diverse as Conficker and Sality tops out at 9.93 per cent of detections, making it the most widespread exploit and the top e-threat of the month.
The relatively ancient Trojan.Clicker.CM, a popup-serving program, can be found in second place with a sizeable 9.23 per cent of detections. Third place goes to the Wimad trojan, an e-threat that masquerades as a video player, with 5.34 per cent of detections.
A lowly bit of SWF exploit code, heavily used in malicious and compromised websites the world over, can be found in fourth, at 4.33 per cent. Old hand Conficker is on the up again, for some reason, climbing in fifth position in May (1999) with 3.12 per cent of detected infections.
A polymorphic file infector claimed sixth place this month: this dangerous virus infects executable files as well as network shares, re-writing itself in the process to avoid signature-based scanners. Once such an infected file gets executed directly, or the share it’s in gets opened with the "Autorun" option enabled, the virus installs a rootkit on the affected computer. The rootkit gives an attacker complete control, while the virus itself, oddly, acts as a port-scanner trying to find open UDP services on random computers.
Back from the e-dead is The Storm Worm, in seventh place; it returns as a dropped component, that is, it is not spreading on its own, but rather it is being installed by some other e-threat, presumably to be used as a ‘remote control’ for the infected computer.
Trojan.Autorun.AET, a trojan which also spreads through shared folders via the Autorun misfeature in Windows, is in ninth place; and finally, the Trojan.JS.PYV closes the list at number ten, a new entry with 1.73 per cent of detections.
BitDefender’s May 2009 Top 10 E-Threats in full:
- Trojan.AutorunINF.Gen - 9.93 per cent
- Trojan.Clicker.CM - 9.23 per cent
- Trojan.Wimad.Gen.1 - 5.34 per cent
- Exploit.SWF.Gen - 4.33 per cent
- Win32.Worm.Downadup.Gen - 3.12 per cent
- Win32.Sality.OG - 2.25 per cent
- Trojan.Exploit.ANPW - 2.17 per cent
- Dropped:Trojan.Peed.Gen - 1.9 per cent
- Trojan.Autorun.AET - 1.87 per cent
- Trojan.JS.PYV - 1.73 per cent
- Other threats/malware - 58.13 per cent