Trojans, Dominant e-threats in BitDefender’s Top Ten Malware List

On June 3, 2009, BitDefender published its list of Top 10 malware threats that actively proliferated during May 2009. Chiefly, the list highlights that Trojans, driven with ordinary, user-participation malware samples, occupied a minimum of six positions among the Top 10.

Opening the list and placed on the first position among BitDefender's top ten e-threats is an infection tactic rather than a malware item. This tactic is the autorun.inf code for exploitation that prevails in threats ranging from Sality to Conficker. With 9.93% of detections, this exploitation code is most widespread and the most prevailing threat for May 2009.

Coming next on the second position is the traditional Trojan.Clicker.CM, a program that serves pop-up windows, with an enormous 9.23% of detections. Placed third is Trojan Wimad, a threat that pretends to be a movie player, accounting for 5.34% of detections.

Besides this, the SWF exploit code that is extensively used for compromised and malicious websites worldwide appears modestly on the fourth position, with 4.33% of detections, while Conficker appears yet again, rising to the fifth position at 3.12%.

Claiming the sixth position during May 2009 is a file infector that is polymorphic in nature. The worm infects network shares as also executable files, modifying itself during the process of infection so that it can evade detection by signature-based scanners. Subsequently, as a network share which has the worm gets opened because of the enabled 'Autorun' option, or a contaminated file gets straight away executed, the worm begins planting a rootkit onto the infected computer.

Aside this, the Storm Worm, occupying the seventh position, made a comeback to run active in May 2009. However, it has been behaving like a dropped module i.e., it wouldn't spread automatically instead some other malware would have to install it, expectedly to be utilized to control the infected PC remotely. Further, Trojan Dropped:Trojan.Peed.Gen occupied the eighth position accounting for 1.9% of all detections.

Next on the ninth position was Trojan.Autorun.AET, a Trojan that too propagates via shared folders with Windows 'Autorun' feature. Finally, Trojan.JS.PYV occupied the tenth position, making a first-time entry and accounting for 1.73% of detections.

Related article: Trojans to Target VoIP in 2006

» SPAMfighter News - 6/8/2009