informa
3 min read
article

BitDefender Names January's Top 10 E-Threats

BitDefender's E-Threat Landscape Report show trojans and exploits dominated the malware landscape
BUCHAREST, Romania " February 12, 2009 " Web-based e-threats continue to dominate in the first month of 2009, according to BitDefender'. Trojan.Clicker.CM returned to the leading position of the Top 10 E-Threats with 5.40 percent. Clicker.CM displays a significant number of commercial pop-up windows in the current Web browser's background and tries to lure the user to click. If clicked, profits are generated for advertisements registered within a pay-per-click system. In order to successfully display ads, the Trojan uses several functions that bypass the Norton' Internet Security Pop-up Blocker.

Trojan Wimad.Gen.1 and Trojan.Downloader.Wimad.A succeeded in raising 6.88 percent in January, making them some of the most common e-threats in the wild. Part of a very large family, these Trojans are spread with the aid of a network of malicious websites. Usually distributed via e-mail spam campaigns as a 3.5 MB .wma attachment and bearing the name of some popular artists, the disguised Trojan automatically opens the Web browser in order to retrieve the "appropriate" codec, which is, in effect, another piece of adware " Adware.PlayMp3z.A.

As predicted by BitDefender's E-Threat Landscape Report, the exploits increased their volume in the last month, holding no less than 4 positions and almost 12 percent in the current Top 10. For instance, Trojan.Exploit.SSX abuses vulnerable sites when a malicious SQL code is injected into their databases. The result is an invisible iFrame element that redirects the user to an infected Web site that attempts to download and install several malicious payloads.

Last but not least, autorun infectors and downloaders occupied the remaining positions, with another noteworthy comeback of Packer.Malware.NSAnti.1 with its 2.09 percent. This malware with worm functionality spreads via infected Web sites or through maliciously crafted autorun.inf files within removable devices. NSAnti corrupts Internet Explorer' behavior and steals user names and passwords for online games, such as Silkroad Online or Lineage.

"The beginning of 2009 showed two important trends. First, that Web-based distributed malware is still the most successful type of e-threat in the wild and second, that previous productive breeds are back with the same or even higher percentage," said Sorin Dudea, Head of BitDefender Antimalware Research. "This confirms that the level of user awareness in terms of system security remains very low for defensive activities, such as patching the OS with the latest fixes, updating security suites or surfing the Web cautiously."

BitDefender's January 2009 Top 10 E-Threat list includes:

Pos. Name %