Exploits Surpass Trojans in E-threats for February 2010

BitDefender has revealed in its recent study that exploits executed via detachable devices along with vulnerabilities in operating systems have once again risen to the highest ranks on the February Top Ten E-Threats List. As per the report, two exploits, two trojans and a single worm were among the five most prevalent e-threats during the month.

At the end of February 2010, Trojan.Clicker.CM (the No.1 e-threat) disappeared from the List of most prevalent e-threats. Instead, the generic malware 'Trojan.AutorunInf.Gen' occupied the topmost position. Trojan.AutorunInf.Gen disseminates malware through detachable tools like memory cards, external hard-disks and USB sticks. The malware was responsible for 9.09% of the total security infections worldwide.

Commenting on the problem, Catalin Cosoi, Senior Researcher at BitDefender, advises that it is important to scan external devices regularly, as reported by LIVE-PR on March 1, 2010. Cosoi adds that the safe practice of scanning external devices should be done when they (devices) are attached to library PCs, or used in public locations like coffee shops and cyber-cafes.

Furthermore, BitDefender finds another malware Win32.Worm.Downadup.Gen that climbed one position from January 2010. Occupying No.2 spot at 6.24%, this worm capitalizes on a much familiar vulnerability in Microsoft Windows.

Cosoi explains that Win32.Worm.Downadup.Gen, called Kido or Conficker, has been present in the company's monthly malware charts. This demonstrates that a majority of users have been missing on updating their anti-malware software and operating systems. They have also not deployed the security patches issued by Microsoft a year-or-so back. Cosoi adds that the Downadup worm's recent variants also load fake AV software among other things.

Meanwhile, the No.3 and No.4 e-threats in BitDefender's February 2010 list are Exploit.PDF-JS.Gen and Exploit.PDF-Payload.Gen at 5.13% and 4.21% respectively. These generic infections handle maliciously controlled PDF files exploiting various security flaws in the JavaScript engine of Adobe Acrobat Reader and seek to run malware on end-users' PCs.

Apart from this, Torrents remained a favorite medium for distributing malware while retaining its January top position. But Trojan.Wimad.Gen.1 was on No.5 at 3.37% in February. Evidently, the malware could perfectly cover as a prospective popular series' episode or some box-office title.

Related article: Exploiting BITS To Compromise Windows Update

» SPAMfighter News - 3/8/2010