Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec

Autorun Feature Tops List As Biggest e-Threat For May

BitDefender UK : 08 June, 2010  (Technical Article)
BitDefender's e-threat report for May demonstrates the continued exposure caused by Microsoft's autorun feature which creates vulnerabilities with the use of flash drives and other external memory devices
Although Microsoft has dropped its Windows Autorun feature from Vista SP2 and newer operating systems, there are many users running earlier versions of Windows who are still being exposed, making it the top runner for BitDefender's e-threat report for May.

Accounting for a 13.24 percent share of all global malware, Trojan.AutorunInf.Gen is a generic mechanism designed to spread malware using flash drives, memory cards or external hard-disk drives. Various types of malware, including the infamous Downadup clan, use this approach to trigger further infections.

Next up is Win32.Worm.Downadup.Gen also known as Kido or Conficker which accounts for nearly six percent of the global infections. By exploiting a Windows vulnerability, this worm spreads on computers within local networks and restricts users' access to Windows Update and security vendors' web pages. Whilst Microsoft has remedied this problem in the most recent versions, computer users should check that they have updated their operating systems and antivirus solutions.

The outbreak of rogue Anti-Virus scams has not yet diminished and that is why Trojan.FakeAV.KUE ranks third with five percent of the total amount of infections. This detection covers JavaScript code - hosted either on malicious sites and innocent victims (sites) that have been infected. This is then used to trigger fake alerts on websites connected to the placement of rogue antivirus software.

In fourth place with nearly three percent is Win32.Sality.OG the sole file infector in the top ten e-threats this month. This malicious device appends its encrypted code to executable files (.exe and .scr binaries). Additionally it deploys a rootkit and kills antivirus applications running on the computer, so as to hide its presence on the infected machine.

Fifth place is taken up by a newcomer Trojan.Swizzor.2 with just over two percent of the total number of global infections. This detection deals with an obfuscated downloader that usually opens the way for further malicious software.

BitDefender's May 2010 Top 10 E-Threat list includes:

1. Trojan.AutorunINF.Gen 13.24%
2. Win32.Worm.Downadup.Gen 5.84%
3. Trojan.FakeAV.KUE 5.11%
4. Win32.Sality.OG 2.68%
5. Gen:Variant.Swizzor.2 2.12%
6. Trojan.Autorun.AET 2.02%
7. Gen:Heur.Krypt.24 2.01%
8. Worm.Autorun.VHG 1.97%
9. Gen:Variant.Rimecud.2 1.91%
10. Exploit.PDF-JS.Gen 1.76%
Other 61.33%
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo