Huge Rise in Sality Virus and Adware in September 2010

Kaspersky Lab has recently released its monthly analysis of malware for September 2010. According to the Russian headquartered IT security firm's analysis, there has been a rise in the number of infections caused by the Sality virus, along with the development of the Stuxnet worm. The findings come as no big surprise to the researchers at the firm.

The firm states that a new type of the infamous polymorphic Sality virus, dubbed 'bh', was found to be mainly prevalent on users' machines during September 2010. Sality.bh, a new name on the list, acquired eleventh position in September 2010 and circulated with the help of Trojan-Dropper.Win32.Sality.cx, which utilizes flaws in Windows LNK files.

This is the first identified zero-day vulnerability to be exploited by the Stuxnet worm. Same flaw was used by Trojan-Dropper.Win32.Sality.r in August 2010 as well. The geographical circulation pattern of the droppers is quite similar to that of the Stuxnet worm, i.e. both of them are materializing most prolifically in India, followed by Vietnam and Russia.

Commenting on the issue, Vyacheslav Zakorzhevsky, Senior Virus Analyst at Kaspersky Labs commented that generally cybercriminals are very quick to launch exploits when new flaws are discovered. The only fact that promotes cybercrimes is that most of the users fail to update their software frequently, as reported by gadget on October 7, 2010.

Besides, Kaspersky highlights in its recently launched report that there are seven AdWare.Win32 programs in the list of Top Twenty. FunWeb.ge (9th position) is the only new name to the list. Others including: FunWeb.di (4th position), FunWeb.ds (5th position), FunWeb.fb (10th position), FunWeb.q (13th position), FunWeb.ci (16th position) and Boran.z (18th position), have already made it to the top twenty list in July 2010.

Commenting on the entire issue, the firm noted that, these kinds of adware were more infuriating than being dangerous. Their main intention was to draw the attention of users towards advertising banners that were integrated with conventional software. The firm further commented that, though these adware's are usually safe, such programs do slow down the speed of a system, as reported by infosecurity-magazine on October 7, 2010.

Related article: Hack.Huigezi Virus Attacks China PCs Rapidly

» SPAMfighter News - 10/13/2010