Trojan.Wimad.Gen.1 Makes it to the No.1 Spot on G-Data’s Malware Charts

G-Data the security company declared its Top Ten Malware List covering March 2011 where the most dominant malicious program is Trojan.Wimad.Gen.1.

Trojan.Wimad.Gen.1 poses as a common acoustic file namely .wma; however, to play it, a maliciously-created decoder/codec is recommended for loading onto Windows PCs. Incase anyone runs this file, it can allow the attacker to load malicious software on the user's computer. To distribute the contaminated acoustic file, an attacker, however, requires P2P file-sharing networks.

Following Wimad, however, is Java.Trojan.Downloader.OpenConnection.AI that represents one malevolent Java applet, which pulls down and runs arbitrary files. Existing on the Web, the malware acts like one Java archive. Meanwhile, bypassing the file's encrypted URL, the malevolent HTML pulls down and runs the applet, which in turn evades the Java based sandbox via exploiting the CVE-2010-0840 vulnerability.

Coming next on No.3 is Win32.Ramnit.N, a virus which propagates via contaminating files having specific extensions as well as via installing its own replicas on detachable drives. Essentially, the malware inserts code inside specific processes, while linking up with a distantly located Web-server for taking commands.

Meanwhile, ranking fourth on the List is Worm.Autorun.VHG, which's essentially a spyware that utilizes corrupt tactics for downloading more malware. It also disables firewalls as well as gathers secret data like a user's financial details along with pulling down extra components that enable hackers to gain admission into the contaminated system remotely.

Moreover, appearing on No.5 is Trojan.AutorunINF.Gen that masquerades as an authentic file while it utilizes exploits for pulling down various malicious programs on the infected PCs from remote servers.

Now, alongside the above malicious threats, the list also displays Java.Trojan.Downloader.OpenConnection.AN, JS:Redirector-EP [Trj], Java:Agent-DM [Trj], Trojan.JS.Clickjack.A and Java.Trojan.Exploit.Bytverify.N as occupying the 6th, 7th, 8th, 9th and 10th positions respectively.

Stated Senior Vice-President Ed Johnson of G Data Software, while remarking about these discoveries that there had been a shift in the malware scenario during 2010 when cyber-criminals began aiming their assaults on software programs especially Java. Prlog.org reported this on April 21, 2011. Johnson added that as a safeguard measure, users mustn't turn off their automatic Java applications while must always deploy the latest Java patches.

Related article: Trojans to Target VoIP in 2006

» SPAMfighter News - 4/29/2011