Trojans Dominate January 2010 E-threats of Sunbelt

Sunbelt Software released its list of Top Ten e-threats for January 2010 during the 1st week of February 2010.

As per Sunbelt's ThreatNet statistics, the malware landscape during January 2010 was dramatically similar to that of December 2009. The first 7 most prevalent infections remained identical with those of December 2009. However, the order of detections was slightly different. During December 2009 and January 2010, six malware threats detected among the Top Ten comprised of Trojan programs.

Placed at No.1, Trojan.Win32.Generic!BT (a generic Trojan) accounted for almost 23.15% of the total malicious programs discovered. Moreover, the malware remained on the top position for three consecutive months, rising almost 20% over 18.69% of the total December 2009 detections. It includes a number of downloaders pertaining to rogue or scareware security software.

The second spot on Sunbelt's list is occupied by Trojan-Spy.Win32.Zbot.gen. While this password-stealing malware appeared for the third month in a row, its detection rate declined from 6.23% to 4.91%.

Next at No. 3 position is Exploit.PDF-JS.Gen (v), accounting for 4.55% of all malicious programs. This program attempts to infect the computer if a maliciously designed PDF file and JavaScript code were executed.

Coming at the fourth position is Trojan.Win32.Generic!SB.O with detection rate at 2.40%. This malware is a generalized password-stealing Trojan, which installs keyloggers recording the users' keystrokes and transmitting the stolen information back to the malware's controllers.

Ranked No.5 is a generic Trojan named Trojan.Win32.Malware. This malware classification has almost 140,000 items of malicious software. During January 2010, it was responsible for 1.93% of all malicious programs.

Coming sixth on the e-threats list is Trojan.ASF/Wimad, with 1.92% of detections. The list also consists of malevolent Windows Media files, which take instructions from a distantly located computer server. They are normally created or installed via another malware.

Moreover, at No. 7 is INF.Autorun (1.46%), which automatically launches Trojans, Trojan downloaders and backdoors when the user accesses specific folders or files.

Finally, at positions 8, 9 and 10 are Virtumonde, Packed.Win32.TDSS.aa.3 (v) and Trojan.HTML.FakeAlert.a (v), accounting for 1.23%, 1.21% and 0.98% of the total detections respectively.

Related article: Trojans to Target VoIP in 2006

» SPAMfighter News - 2/10/2010