Hidden code Trojans in top malware positions for October.

BitDefender UK : 31 October, 2007  (Technical Article)
Generic Trojans make a comeback with obfuscation techniques which slip past many anti-virus programmes, emphasising the need for users to take extra care.
The first three positions of BitDefender's 'Top Ten' Malware report for October are occupied not by single pieces of malware, but by generic signatures - detection rules which stand in for all the malware using a particular infection or obfuscation technique.

Indeed, the first position is occupied by trojan downloaders, a category which, through such exponents as the Peed trojan (aka Storm worm), has made headlines recently.

An old exploit takes second position, presumably because it is just old enough to have found its way into the code of many different worms as one more trick to try when attempting an infection, but not yet so old that a sizeable population of unpatched machines no longer exists.

In third position are files detected as Packer.Malware.NSAnti.J, which are actually programs that have been packed or protected with a protection system called NSAnti, used by malware authors to bypass anti-virus protection and to hide malware contents. The packer itself is polymorphic and can detect whether it is running in a virtualized environment (as used in an antivirus countermeasure); upon detection it tries to crash that environment, in an attempt to make automated detection of new versions harder.

The next few places are occupied by old and very old mass mailer viruses, proving once again that, despite the wonders of backups and highly reliable computers, viruses never truly die. Unfortunately, the Sality.M virus is yet again present in the top ten, hovering in one of the bottom places as it has done for most of the year.

'All in all, it's been a rather eventful month,' declared Viorel Canja for BitDefender. 'We're seeing lots and lots of new viruses and a general tendency towards ever-stealthier malware which gets updated at a fantastic clip. Once again, B-HAVE and other automated detection techniques have proved crucial in keeping our customers safe'.

October's Top Ten Listing

1 BehavesLike:Trojan.Downloader 20.36 %
2 Exploit.Win32.WMF-PFV 17.51 %
3 Packer.Malware.NSAnti.J 10.49 %
4 [email protected] 6.56 %
5 [email protected] 2.06 %
6 [email protected] 2.00 %
7 [email protected] 1.90 %
8 .J Trojan.VBS.Autorun 1.79 %
9 Win32.Sality.M 1.46 %
10 Trojan.Agent.AFIS 1.43 %
Others 34.43 %

For further details on the latest malware detected in the wild, please visit BitDefender's Defence Portal.