Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

Sunbelt Publishes Top 10 Malware Threat List For June

Sunbelt Software : 07 July, 2010  (Technical Article)
Using analysis taken from its Vipre and CounterSpy anti-malware products, Sunbelt Software has compiled a list of the most prevalent IT security threats which were active during June 2010
Sunbelt Publishes Top 10 Malware Threat List For June
Sunbelt Software has announced the top 10 most prevalent malware threats for the month of June 2010. The report, compiled from monthly scans performed by Sunbelt Software's award-winning anti-malware solution, Vipre Antivirus, and its antispyware tool, CounterSpy, is a service of SunbeltLabs.

Most significant in June was a surge in detections of Trojan-Spy.Win32.Zbot.gen, a growing family of password-stealing Trojan horse programs, which moved up from fifth place in May to second in June as a result.

Also revealed by Sunbelt Software's ThreatNet statistics was the re-emergence of the high-profile Conficker worm, in the form of variant Downadup. Like the original Conficker strain, Downadup spreads across a network by taking advantage of a vulnerability in Windows Server service which allows remote code execution when file sharing is enabled. This particular variant of Downadup also spreads through removable drives and takes advantage of weak administrator passwords to turn off some system services and anti-malcode protection.

New entries in the top 10 in June were:

* Packed.Win32.Tdss.q (v) (TDSS Rootkit)
* Trojan.ASF.Wimad (v) (Redirect browsers to a malware-infected web site)
* Worm.Win32.Downad.Gen (v) (A variation of the Conficker worm)

Trojan.ASF.Wimad (v) is a VIPRE detection for a group of Trojanized Windows media files which, when opened with Windows Media Player, redirect the victim's browser to a web site to download malicious files. They have been used to download a variety of malware. The growth in these detections in the month of June is widely due to increased activity around video downloads associated with the FIFA World Cup, which began on June 11.

Trojan.Win32.Generic!BT - a generic detection for Trojans, continued to dominate the top 10 and accounted for a over a quarter (27.16%) of all detections, down a fraction on the previous month. It is a detection that includes many downloaders associated with scareware or rogue security products.

Seven of the top 10 detections found also featured in May, while six of the top 10 were Trojan horse programs, highlighting a small decrease in the number of different types of Trojans being detected in volume. However, Trojans are still highly active, as illustrated by the growth in Trojan-Spy.Win32.Zbot.gen.

INF.Autorun (v), Trojan.Win32.Generic.pak!cobra and BehavesLike.Win32.Malware (v) also recorded significant month-on-month rises in percentage of detections.

"Although Trojans continue to dominate the top 10, June reveals interesting trends such as a fresh wave of Conficker-based detections, suggesting that this troublesome piece of malware is on its way back," said Sunbelt Software research centre manager Tom Kelchner.

"As we expected, malware related to the distribution and downloading of media files is also on the increase, as highlighted by the appearance of Trojan.ASF.Wimad (v) in the top 10 for June, coinciding with the start of the FIFA World Cup. With many of the World Cup matches taking place during work hours when users have no access to a TV, the temptation to seek out online streaming services, be they from trusted or untrusted sources, has been too strong for some users. To avoid unnecessary malware risks, it is essential to keep clear of unknown and unproven sites offering audio and video streaming," Kelchner added.

The top 10 results represent the number of times a particular malware infection was detected during VIPRE and CounterSpy scans that report back to ThreatNet, Sunbelt Software's community of opt-in users. These threats are classified as moderate to severe based on method of installation among other criteria established by SunbeltLabs. The majority of these threats propagate through stealth installations or social engineering.

The top 10 most prevalent malware threats for the month of June are:

1 Trojan.Win32.Generic!BT 27.16%
2 Trojan-Spy.Win32.Zbot.gen 4.68%
3 INF.Autorun (v) 4.05%
4 Trojan.Win32.Generic.pak!cobra 2.58%
5 BehavesLike.Win32.Malware (v) 1.48%
6 Packed.Win32.Tdss.q (v) 1.34%
7 Trojan.ASF.Wimad (v) 1.13%
8 Trojan.Win32.Malware 1.06%
9 Trojan.Win32.Agent 1.04%
10 Worm.Win32.Downad.Gen (v) 1.02%
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo