Worms and Trojans Make November Malware List

In its monthly ranking of the top circulating malware, security vendor PandaLabs discovered several new malicious codes that made way for the first time in November 2006. The most prominent one is 'W32/Nuwar' worm, which placed itself fourth in the list. This worm proliferates through e-mail messages whose text talked of the 'Third World War' or the assumed deaths of Bush or Putin.

Another new malware in the list is 'Banbra.DJM', which is a variant of the Trojan that seizes login details of several Brazilian banking services.
There is another Trojan, the 'Trj/Spamer.T', entering as the last one that demonstrates a classic instance of how hackers now use malicious codes for stealthily gaining entry into a computer and then turning it into a medium for distributing spam.

The group of malicious codes frequently comprise of bots and Trojans, which allow hackers to apply fraudulent means. The security vendor's study detected 'Sdbot.ftp' as the most frequent malware during November this year. The worm manipulates vulnerabilities in Windows such as 'RPC.DCOM' and 'LSASS'. This code continues to rank the top indicating the lack of updated security systems for users.

The malware held the top position throughout 2006. In October, this malware was found in 2.08% of infected systems, while there was a drop in November to 1.9%.

The 'Torpig.A' Trojan occupied the second place. Apparently inoffensive, this Trojan in certain situations can conduct attacks and intrusions. The greatest danger with this Trojan is that it intercepts key information entered or saved by the user thereby threatening user privacy. Such information includes passwords saved in certain Windows services.

The long-running 'Netsky.P' worm that exploits the vulnerability in Internet Explorer to execute automatically has dropped to a lower rank. The decrease in incidents with 'Sdbot.ftp' is an indication of improvement in computer security. Both the malicious codes are known to directly exploit vulnerabilities, which have been remedied since some time.

Luis Corrons, Director of PandaLabs, explains that the presence of 'Netsky.P' in the top ten is still an issue of concern. This is because of the absence of awareness about the necessity to keep systems protected with adequate updates.

Related article: Worms Slip Down to Make Place for Trojans & Adware

» SPAMfighter News - 12/5/2006