ESET – Trojan Dominated Threat Landscape in Aug 09

ESET has recently released a report "Global Threat Report for August 2009" that says - Conficker was the top most widespread worm accounted for 8.56% of total threats in August 2009 but its share declined by 2% on an average compared to July 2009 statistics.

The second place on the list was occupied by Win32/PSW.OnLineGames that had a share of 8.28% in the total global threats. This family of Trojan is used by cyber criminals for launching phishing attacks against game players. It is said that this Trojan has keylogging and rootkit features that collect information regarding online games and other important data for participating in the game.

Moreover, the third position was taken up by INF/Autorun, with a share of 7.80% of the global threats. This comes with information about programs that automatically start operating as soon as a removable media is connected to Windows PC. Sitting at the fourth position was Win32/Agent that represented 3.57% share in the global threats, and belong to a family of malware family capable of plundering user information from targeted computers.

INF/Conficker seized the fifth place on the list with the identification rate of 1.76%. It has connection with the INF/Autorun detection and applies to the file autorun.inf used for the spreading of newer version of Conficker.

At the sixth place stood Win32/Pacex.Gen with a detection rate of 1.66%. It uses a large number of malicious files that obfuscate themselves through various layers. Win32/TrojanDownloader.Swizzor accounted for 1.39% of total threats and occupied seventh place on the list. It is commonly employed to install and download various other malicious codes on the infected computer.

At the eighth and ninth place, Win32/Qhost and Win32/TrojanDownloader.Bredolab secured their position respectively. Win32/Qhost represented 0.93% and spread through an e-mail. It gives complete control of the compromised system to hackers. On the other had, Win32/TrojanDownloader.Bredolab accounted for 0.81% and injected itself in running process to deactivate some security processes.

The last place was seized by WMA/TrojanDownloader.GetCodec with a share of 0.76% in the global threats. It has the capability to modify media files and convert nearly all audio files existing to WMA format. It adds a new field to header that comprises URL directing the user to a new codec. This codec needs to be downloaded so that media files could be read.

Related article: ESET Discusses Malware Writers’ Trend

» SPAMfighter News - 9/14/2009