Trojan Buzus Reappeared in the Wild, Declares Fortinet

Fortinet the security company, on January 4, 2011, announced its "December 2010 Threat Landscape" report stating that Trojan Buzus yet again emerged online.

Elaborates 'Fortinet' that during December 2010, the 'Buzus' was spread via bulk e-mails, right at the time of the festival, pretending to be e-cards. Also, those messages contained attachments that when viewed infected computers as well as dispatched the same e-cards to every other e-mail id listed on the contact lists of those PCs'. This way more systems were infected that were added to the expanding botnet. Incidentally, the security company found that Buzus' chief payload was the infamous botnet namely Hiloti.

Stated Project Manager Derek Manky in-charge of Fortinet's Cyber Security and Threat Research division that cyber-criminals preferred Hiloti that was spread via lot of different botnets as the malware introduced a 'pay-per-install' associate module through which long-standing botnet distributors earned certain fee whenever Hiloti was inserted inside a fresh computer. The incentive module let creators of Hiloti to add more-and-more contaminated systems faster than by making the additions organically, Manky explained. Marketwire.com reported this on January 4, 2011.

Meanwhile, Fortinet in its report also lists the 10 most prevalent malware which contaminated people's computers during December 2010. Rank-wise they were W32/Buzus.011E!tr at No.1, accounting for 30.3% of all contaminations the company detected followed with HTML/Iframe.DN!tr.dldr (11.4%), W32/Kriz.3863 (4.1%), W32/Injector.fam!tr (3.4%) and W32/Netsky.P@mm (1.9%) positioned on No.2, 3, 4 and 5 respectively.

The remaining top malicious programs were JS/Feebs.A@mm (1.5%), Java/Openconnection.F7E8!tr (1.4%), W32/VB.WL!tr (1.1%), W32/SillyFDC.G!tr (1.0%) and W32/Krap.AO!tr (1.0%) positioned on No. 6, 7, 8, 9 and 10 respectively.

Amusingly, during December 2010, France overtook USA in the race for generating most malware infections, occupying the topmost place and accounting for 35.9% of the entire infections detected there. USA, accounting for 34.3% of all contaminations, was closely at No.2, while the other most malware-infection generating countries were Japan, India and China at 32.3%, 12.40% and 12.40% and ranked as No.3, 4 and 5 respectively.

Additionally, the countries, which encountered the highest spam during December 2010, included USA (9.37%), France (9.11%), Japan (6.77%), Taiwan (3.88%) and Italy (3.03%).

Related article: Trojans to Target VoIP in 2006

» SPAMfighter News - 1/13/2011