Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

Scareware Rises in Dominance During February

Sunbelt Software : 05 March, 2010  (Technical Article)
Sunbelt Software reviews the threat landscape in February with Trojans taking 8 of the top 10 positions
Sunbelt Software has announced the top 10 most prevalent malware threats for the month of February 2010. The report, compiled from monthly scans performed by Sunbelt Software's award-winning anti-malware solution, Vipre Antivirus, and its antispyware tool, CounterSpy, is a service of SunbeltLabs.

Whilst seven of the top 10 detections found by Sunbelt Software's ThreatNet statistics also featured in January, eight of the top 10 were Trojan horse programs, highlighting a surge in this form of attack.

Trojan.Win32.Generic!BT - a generic detection for Trojans, continued to dominate the top 10 and accounted for a third (33.37%) of all detections, up sharply on the previous month when it accounted for just under one quarter. It is a detection that includes many downloaders associated with scareware or rogue security products.

Its continued prominence in the top 10 is also due in part to interest in sporting events such as the Winter Olympics, which has encouraged many to visit untrusted web sites in search of live video from the various events at the Winter Games. This surge in traffic to untrusted and potentially malicious web sites has increased exposure to scareware as well as conventional malware threats.

The rogues, once downloaded, present a fake malware scan of a victim's computer then display false warnings that the machine is infected. The malware then urges the user to purchase rogue security software on the promise that it will disinfect their PC, when in fact it does nothing or further infects the target computer.

This trend will continue as we head into major sporting events such as the 2010 World Cup in June and the popular US college basketball tournament known as 'March Madness' later this month; events that will garner huge demand for online coverage. With many of the World Cup matches taking place during European work hours when users have no access to a TV, the temptation will be strong to seek out online streaming services, be they from trusted or untrusted sources.

Other detections that saw significant change in February include Trojan.Win32.Generic!SB.0, which saw its percentage of total detection jump by almost half to 3.18%, and Exploit.PDF-JS.Gen (v) - a threat that prevents Windows Vista from opening files and executing commands − saw a significant drop in its share to 2.59% from 4.55% of all detections.

"Although the newest threats are largely rogue security products, Trojans and bot-installing malware, the spectrum of malware threats out there continues to be quite broad. The old standards continue to circulate online and gain increased penetration whenever Internet use peaks, as with events such as the recent Winter Olympics," said Sunbelt Software research centre manager Tom Kelchner.

"Adware and its associated malcode bundlers, downloaders and installers don't make the news much anymore, but collectively they make up 10 percent of our ThreatTrack detections. In the month, ThreatTrack tabulated over 1,100 discrete adware threats. In many cases, a Vipre installation somewhere stopped just one instance, but it shows that there is a huge range of persistent threats still out there," he added.

New entries in the top 10 in February were:

* Trojan.Win32.Generic.pak!cobra (Rootkit)
* Trojan-Spy.Win32.Zbot.gen (v) (Password stealing trojan)
* Trojan.Win32.Agent (Fake Windows service, modifies system settings)

The top 10 results represent the number of times a particular malware infection was detected during Vipre and CounterSpy scans that report back to ThreatNet, Sunbelt Software's community of opt-in users. These threats are classified as moderate to severe based on method of installation among other criteria established by SunbeltLabs. The majority of these threats propagate through stealth installations or social engineering.

The top 10 most prevalent malware threats for the month of February are:

1 Trojan.Win32.Generic!BT 33.37%
2 Trojan-Spy.Win32.Zbot.gen 4.10%
3 Trojan.Win32.Generic.pak!cobra 3.37%
4 Trojan.Win32.Generic!SB.0 3.18%
5 Exploit.PDF-JS.Gen (v) 2.59%
6 Trojan-Spy.Win32.Zbot.gen (v) 1.74%
7 Virtumonde 1.64%
8 Trojan.ASF.Wimad (v) 1.54%
9 Trojan.Win32.Malware 1.52%
10 Trojan.Win32.Agent 1.39%
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo