USB Trojan Dominates BitDefender’s March 2010 E-Threat Report

On April 2, 2010, security software vendor 'BitDefender' released its March 2010 e-threat report, stating that trojans still rule the threat landscape, dominating the list with 13% of total malware worldwide is Trojan.AutorunInf.Gen. The Trojan is a common mechanism which is circulated through detachable devices.

The notorious Conficker or Kido, Win32.Worm.Downadup.Gen worm, holds second position at 6.19%.

Senior Researcher at BitDefender, Catalin Cosoi, stated that this worm exploits the famous Microsoft Windows flaw. For avoiding this, people just have to update both the operating system and their locally-installed antimalware program, as per the news published by Help Net Security on April 2, 2010.

In addition, Exploit.PDF-JS.Gen (5.30%) came third on the list. This generic detection deals with specially-designed PDF files which exploit various vulnerabilities bothering the Javascript engine of Adobe PDF Reader for executing harmful code on the user's system. On opening an infected PDF file, a specially-designed Javascript code stimulates the installation of harmful binaries from remote locations.

Win32.Sality.OG (2.58%) stands at the fourth position in the list released by the firm. This virus is a polymorphic file infector which changes executable files attaching its encripted body at the end of the file in a newly-made section. To get to the execution of this, the original code is also substituted with polymorphic sequences from the entry point which held in the decryption routine. The icon of the compromised file remains unchanged.

Trojan.JS.Downloader.BIO (2.13%) appears at the fifth place. This is a Javascript inserted into authentic webpages through SQL injection method, attacking only websites with ASP (Active Server Pages).

Ranking sixth in the list is Trojan.Autorun.AET (1.95%). The Trojan is a malicious code spreading through the Windows shared folders and through removable storage devices. Trojan.Autorun.AET exploits the Autorun feature of Windows for automatically stimulating applications in case an infected storage device is plugged in.

The latest entry in the list and standing at the seventh place is Gen:Heur.Krypt.21 (1.921%), which is a malicious virus.

Worm.Autorun.VHG (1.78%), Exploit.PDF-Payload.Gen (1.67%) and Trojan.Wimad.Gen.1 (1.42%) also appeared at the eighth, ninth and tenth positions respectively in the list.

Related article: UCSF Server Holding Personal Information Encounters Hack

» SPAMfighter News - 4/13/2010