BitDefender Releases List of Top Ten Malware Programs

According to BitDefender's List of Top Ten Security Threats for December 2009, malware, Exploit.PDF-JS.Gen, was the most prevalent threat accounting for 12.04% of all infections. The exploit handles maliciously-created PDF files and exploits various security flaws found in JavaScript engine of Adobe PDF Reader.

The second most prevalent threat on BitDefender's December 2009 list was Trojan.AutorunInf.Gen, which represented 8.15% of all infections. This malicious program attacks Autorun utility in Microsoft Windows. All detachable storage devices contain an autorun.ini code, which directs the PCs to run specific files when the devices are inserted into them.

Following Trojan.AutorunInf.Gen was Trojan.Clicker.CM. This malware usually resides in websites hosting illegitimate applications like cracks, key generators and serial numbers. During December 2009, this Trojan was responsible for 7.87% of all infections the company detected.

The next e-threat at No.4 was Win32.Worm.Downadup.Gen, which represented 5.85% of total infections. This worm spreads by exploiting Remote Code Execution Vulnerability (MS08-67) of Microsoft Windows Server Service RPC i.e. "remote procedure call." The creators of Downadup used different ways to make the worm propagate quickly and to make its removal truly hard.

Trojan.Wimad.Gen.1 occupied No. 5 position on the list with infection share of 4.57%. This malware usually exploits Advanced Systems Format (ASF) files to download a suitable codec from the Net so that infected binary files get installed on the affected machine.

Taking the sixth place was Win32.Sality.OG (2.65%). This worm is a 'file infector' of polymorphic nature and attaches itself to .exe files. Moreover, it hides on the contaminated computer by installing a rootkit, and tries to disable locally installed antivirus programs.

On the seventh spot was Trojan.Autorun.AET (1.97%), which spreads through detachable devices and via shared folders on Windows.

Ranked eighth was Worm.Autorun.VHG (1.65%), which abuses the Windows MS08-067 vulnerability so that it can remotely execute itself via a special RPC package.

Furthermore, Win32.Worm.Downadup.B (1.08%), which is a variant of Win32.Worm.Downadup, was at No.9. While this variant exhibits the same functions as of the original worm, it blocks a lower number of AV URLs.

Coming last on BitDefender's list was Trojan.Script.236197 with infection share of 1.08%.

Related article: BitDefender Releases March Malware List

» SPAMfighter News - 1/19/2010