Windows Vulnerabilities Prove To Be An Attractive Target For Hackers
The security company, Kaspersky Lab, lately released its publication, Monthly malware Statistics for August 2010. As per the statistics, exploits and worms attacking Windows' shortcut vulnerabilities were the most prolific during August 2010.
August 2010 witnessed a striking growth in malware attacking the CVE-2010-2568 vulnerability. It was first employed by Worm.Win32.Stuxnet, a network which gained infamy in late July 2010 and then again by Virus.Win32.Sality.ag, the Trojan-Dropper program that injects the most recent version of the Sality virus. Naturally, the hackers grasped this new security breach in the most famous version of Windows.
Stuxnet worms which are made to exploit the Windows vulnerability stood at 9th and 12th place amid the list of top 20 harmful programs found by Kaspersky, while a Trojan dropper distributing Sality virus acquired 17th place.
Both of the exploits attacking CVE-2010-2568 that appear in the ranking are commonly detected in Russia, India, and Brazil; as is Trojan-Dropper.Win32.Sality.r. Remarkably, India is also the main source of the Stuxnet worm.
Vyacheslav Zakorzhevsky, Senior malware Analyst at Kaspersky Labs said that the exploit, which prompted Microsoft to issue an emergency patch, generated vulnerable LNK shortcuts with names made to catch attention and circulated these across local networks, as reported by InfoSecuirty on August 2, 2010. Further, he stated that the malware gets initiated when a user opened a folder carrying one of these shortcuts.
Moreover, he added that the chief motive of Trojan dropper (Trojan-Dropper.Win32.Sality.r) was to download the recent and modified version of the Sality virus, a piece of malware that occupied 16th place on the list.s
Another remarkable finding is the constant production of Conficker alternatives being found by Kaspersky. Following the last month's data, the firm informed that the worm's variants continue to hold three out of the top four positions on its harmful program list, which includes the number one spot too.
The ranking also has two harmful packers- Packed.Win32.Krap.ao (twentieth place) makes its first appearance, whereas Worm.Win32.VBNA.b (fourteenth place) featured in the June 2010 rankings. Both of the programs protect malware from being found by security software and can be used to pack virtually any harmful programs.
Related article: Windows XP Fault Strike Firewall
» SPAMfighter News - 10-09-2010