Microsoft – Malware Families Dominated Australian Threat Landscape in H2 2008
Microsoft released Edition VI of its "Security Intelligence Report", covering H2 2008, in the second week of April 2009. In it, the company said that malware families had dominated the threat landscape in Australia, accounting for 67.3% of malicious families discovered on infected computers in that period.
The top position in Microsoft's list of the top 25 families was seized by Win32/Renos, a family of Trojan Downloaders & Droppers, as it infected the largest number of PCs in Australia during H2 2008.
According to the report, Renos infected 78,057 computers in Australia during H2 2008, displaying a message on users' machines claiming that their existing security software was not functioning properly and that new security software should be installed. In fact, the message was false and misleading, meant to create fear among users so that they would purchase or download third-party software.
Win32/Zlob took second position in Microsoft's list, infecting 72,693 machines in Australia during H2 2008. Microsoft categorized it under 'Trojan Downloaders & Droppers' and explained that it could potentially change the Internet Explorer configuration and redirect home pages and the default Internet search.
Apart from the Zlob and Renos Trojans, Win32/Vundo, the globally renowned Trojan, also joined the league of Trojan families found on Australian computers. Virtumonde was detected on 56,458 Australian computers in H2 2008. It has characteristics of both a Trojan and adware, and it is one of the most widely spreading malware families at present. The Trojan is also regarded as hard to remove.
Win32/ZangoSearchAssistant ranked fourth on Microsoft's list of the top 25 malicious families. It infected nearly 44,646 computers in Australia during H2 2008.
Security experts have claimed that the malware is dangerous adware posing as software that helps with searching. After a search has been completed, Zango captures the results obtained from searching on Yahoo! and Google. Moreover, the results returned from these two search engines include sites that are affiliated with ZangoCash. In fact, the results are of much lower quality, consisting mainly of commercial products. This implies that the search results are also hijacked.
Fifth place in the list was taken by 'Win32/FakeSecSen', a Trojan family detected on 28,372 machines in Australia during H2 2008. 'FakeSecSen' is a perfect example of a bogus security scanner.
» SPAMfighter News - 15-05-2009