Conficker Dominates BitDefender’s Top Ten e-Threats List for Aug ‘09

BitDefender, an Internet security firm, released the list of 'Top 10 e-Threats for August 2009' on August 31, 2009. The firm said that for the first time, Conficker or Win32.Worm.Downadup acquired the first position in the list with 43% of the total number of infected machines. The new variant of the worm has the potential to download malicious software on a compromised machine.

Win32.Induc.A followed Conficker at second spot on the list, accounting for 15% of the total infected systems in August 2009. BitDefender said that the worm spread through the systems that run Delphi versions 4 and 7 by making attempts to open registry key.

Win32.Sality.OG occupied the third place on the list, having a share of 14% in total e-threats detected during the month. The virus had a polymorphic feature that made it to infect several files at a time. It could change executable files, such as .exe and .scr, and added its encrypted body at the end of each file in a new section. To execute this file from its original code, it was also substituted by polymorphics sequences that held in the decryption routine.

The fourth place was taken by 'Worm.Autorun.VHG' that contributed 9% of the malicious e-threats in the month of August. This worm is different from other worms as it exploits the Windows MS08-067 flaw to execute itself at a distant location by using a specially designed Remote Procedure Call (RPC) package. BitDefender states that the persistent appearance of this worm on its list indicates to the sheer negligence of security advisories issued by Microsoft to fix vulnerabilities.

BitDefender's monthly report of top 10 e-threats contained Win32.Virtob.Gen at the fifth place, with a share of 5% in the overall e-threats identified in August 2009. It has a feature of file infection and is coded in assembly language. Moreover, Win32.Virtob.Gen infects .scr and .exe files of Windows.
Packer.Malware.NSAnti.1 was placed at the sixth place, followed by Win32.Worm.AutoIt.AC and Win32.Sality.2.OE at seventh and eighth places respectively. Packer.Malware.NSAnti.1 alone accounted for 4% of the total e-threats whereas the other two accounted for 3% of malicious e-threats each in August 2009.

At ninth and tenth places stood Gen: TDSS. Patched.1 and Win32.Worm.DownadupINF.Gen respectively, each having a share of 2% in total malicious e-threats.

Related article: Conviction of First Felony Spam in Virginia Upheld

» SPAMfighter News - 9/11/2009