Kaspersky Releases Report

PARIS -- The July online scanner Top Twenty is something of a watershed as it includes absolutely all classes of malicious program: viruses, worms, Trojans, backdoors, adware and potentially malicious programs. This huge variety one again confirms that today, a computer is vulnerable to attack by any type of malicious program. The question is not whether a computer will be attacked, but how significant the loss will be. In these terms, it'sTrojan spy programs which cause the greatest damage.

As a quick look at the online rankings shows, virus writers are currently obsessed with malicious code which can be used for espionage. This month's Top Twenty includes more than ten programs which use one method or another to harvest user information and confidential data such as bank account numbers.

Banker.anv holds first place for the third month in a row. This malicious program originates in Brazil, and it's spread throughout the world. Since January 2006, it's invariably to be found somewhere towards the top of the rankings. Russian Trojan writers aren’t lagging behind their Brazilian colleagues either; Trojan-Dropper.Win32.Microjoin.bx occupies second place. This program is one of the most widespread carriers for LdPinch, another spy program of Russian origin. In July, the

Russian segment of the Internet was flooded when LdPinch used ICQ to spread, having been installed by Microjoin. Taking into account the fact that LdPinch deletes itself from the victim machine once it has done its work, the presence of Microjoin.bx in second place gives us some idea of the scale on which LdPinch was sent out.

One surprise is the two email worms in the top half of the table. If we compare these rankings with the email traffic rankings, it’s clear that neither Rays nor Brontok are particularly widespread, although both these worms have figured in our online statistics before. Another hybrid creation, Bagle.gen, a combination of a worm and a spy program, is rising up the table to join them. In June, this malicious program was in 20th place; this month, however, it's reached 12th place, and shows no signs of slowing down.

Kaspersky Lab