SOURCE: BitDefender


June 04, 2009 09:51 ET

Trojans Continue to Dominate BitDefender's Top Ten E-Threats in May

An Infection Technique, the autorun.inf Exploitation Code, Takes Top Spot on the List

BUCHAREST, ROMANIA--(Marketwire - June 4, 2009) - BitDefender, an award-winning provider of innovative anti-malware security solutions, today released the ten most prevelant threats facing Internet users in the month of May. The list continues to be dominated by Trojans, as it was in April. The simple user-interaction driven pieces of malware occupy six of the top ten spots on the list.

First place on BitDefender's Top Ten E-Threats in May does not go to a piece malware, but rather to an infection technique -- the autorun.inf exploitation code found in threats such as Conficker and Sality. With 9.93 percent of detections, it is the most widespread exploit and the top e-threat of the month.

Trojan.Clicker.CM, a popup-serving program, takes second place with 9.23 percent of detections.

Third place goes to the Wimad trojan, an e-threat which masquerades as a video player with 5.34 percent of detections.

Fourth place goes to Exploit.SWF.Gen, heavily used in malicious and compromised websites worldwide, with 4.33 percent of detections.

Conficker claims the fifth spot on BitDefender's Top Ten E-Threats in May with 3.12 percent of detected infections.

A dangerous polymorphic file infector, Win32.Sality.OG, claims sixth place. The virus infects executable files as well as network shares, re-writing itself in the process to avoid signature-based scanners. Once an infected file is executed directly, or the drive it resides in gets opened with the "Autorun" option enabled, the virus installs a rootkit on the affected computer. The rootkit gives the attacker complete control, while the virus itself, oddly, acts as a port-scanner, trying to find open UDP services on random computers.

The Storm Worm takes the seventh spot on the list as a dropped component, which means it is not spreading on its own but rather it is being installed by another e-threat, presumably to be used as a "remote control" for the infected computer.

The Peed Trojan claims the eighth spot on BitDefender's Top Ten E-Threats in May with 1.9 percent of detections.

Trojan.Autorun.AET, a trojan which spreads through shared folders via the Autorun misfeature in Windows takes ninth place.

A new addition to the list, Trojan.JS.PYV, takes the last spot on the list with 1.73 percent of detected infections.

BitDefender's Top Ten E-Threat in May includes:

Pos.                Name                %
1.        Trojan.AutorunINF.Gen        9.93
2.        Trojan.Clicker.CM            9.23
3.        Trojan.Wimad.Gen.1           5.34
4.        Exploit.SWF.Gen              4.33
5.        Win32.Worm.Downadup.Gen      3.12
6.        Win32.Sality.OG              2.25
7.        Trojan.Exploit.ANPW          2.17
8.        Dropped:Trojan.Peed.Gen      1.9
9.        Trojan.Autorun.AET           1.87
10.       Trojan.JS.PYV                1.73
          Other malware                58.13

To stay up-to-date on the latest e-threats, sign-up for BitDefender's RSS feeds here.

About BitDefender®

BitDefender is the creator of one of the industry's fastest and most effective lines of internationally certified security software. Since its inception in 2001, BitDefender has continued to raise the bar and set new standards in proactive threat prevention. Every day, BitDefender protects tens of millions of home and corporate users across the globe -- giving them the peace of mind of knowing that their digital experiences will be secure. BitDefender solutions are distributed by a global network of value-added distribution and reseller partners in more than 100 countries worldwide. More information about BitDefender and its products are available at the company's security solutions press room.