Report: Trojans Continue To Dominate Malware Threat Landscape

GFI Software recently announced the top 10 most prevalent malware threats for the month of November. The report, compiled from monthly scans performed by GFI's anti-malware solution, VIPRE Antivirus, and its antispyware tool, CounterSpy, is a service of GFI Labs.

As in recent months, Trojans dominated the threat landscape in November. ThreatNet data revealed that seven of the top 10 malware threats were classified as Trojans. The number-one detection, Trojan.Win32.Generic!BT, is a Trojan comprising over 20 percent of the ThreatNet detections.

“There is another picture in the top-10 numbers,” said Tom Kelchner, GFI Software communications and research analyst. “Three of them go after applications or server software that hasn’t been patched. The number six detection, Exploit.PDF-JS.Gen (v), tries to exploit a security flaw in PDF files with embedded JavaScript. That’s aiming at Adobe products. It often installs downloaders that pull down other malware from remote Web sites.”

Worm.Win32.Downad.Gen (v,) the Downadup worm (also called Conficker and Kido) in the number seven spot, is a worm that spreads across a network by taking advantage of a vulnerability in Windows Server service which allows remote code execution when file sharing is enabled. This vulnerability was patched some time ago.

Trojan.ASF.Wimad (v), in the number nine spot, is a VIPRE detection for a group of Trojanized Windows media files that exploit an old vulnerability in Windows Media Player. It redirects the victim’s browser to a web site to download malicious files. This is also is an old vulnerability that’s been fixed.

“If this malcode is still circulating, it means that the malcode writers are seeing a landscape with lots of unpatched and vulnerable machines. The conclusion is pretty clear for both enterprises and consumers: update Windows operating systems (including servers), browsers, Adobe products and media players and keep them updated,” said Kelchner.

Top 10 detections for November 
                Detection 	                   Type 	  	Percent 					
1. 	Trojan.Win32.Generic!BT 		Trojan 		22.44 
2. 	Trojan-Spy.Win32.Zbot.gen 		Trojan 		3.88 
3. 	Trojan.Win32.Generic.pak!cobra 	Trojan 		3.53 
4. 	Trojan.Win32.Generic!SB.0 		Trojan 		3.46 
5. 	INF.Autorun (v) 		         Trojan 		1.83 
6. 	Exploit.PDF-JS.Gen (v) 		Exploit 		1.45 
7. 	Worm.Win32.Downad.Gen (v) 		Worm.W32 		1.42 
8. 	Trojan.Win32.Malware.a 	         Trojan 		0.83 
9. 	Trojan.ASF.Wimad (v) 		Trojan 		0.76 
10. 	Trojan.Win32.Meredrop 		Trojan Downloader 	0.68

Featured

  • Maximizing Your Security Budget This Year

    The Importance of Proactive Security Measures: 4 Stories of Regret

    We all want to believe that crime won’t happen to us. So, some business owners hope for the best and put proactive security measures on the back burner, because other things like growth, attracting new customers, and meeting deadlines all seem more pressing. Read Now

  • 91 Percent of Security Leaders Believe AI Set to Outpace Security Teams

    Bugcrowd recently released its “Inside the Mind of a CISO” report, which surveyed hundreds of security leaders around the globe to uncover their perception on AI threats, their top priorities and evolving roles, and common myths directed towards the CISO. Among the findings, 1 in 3 respondents (33%) believed that at least half of companies are willing to sacrifice their customers’ long-term privacy or security to save money. Read Now

  • Milestone Announces Merger With Arcules

    Global video technology company Milestone Systems is pleased to announce that effective July 1, 2024, it will merge with the cloud-based video surveillance solutions provider, Arcules. Read Now

  • Organizations Struggle with Outdated Security Approaches, While Online Threats Increase

    Cloudflare Inc, recently published its State of Application Security 2024 Report. Findings from this year's report reveal that security teams are struggling to keep pace with the risks posed by organizations’ dependency on modern applications—the technology that underpins all of today’s most used sites. The report underscores that the volume of threats stemming from issues in the software supply chain, increasing number of distributed denial of service (DDoS) attacks and malicious bots, often exceed the resources of dedicated application security teams. Read Now

Featured Cybersecurity

Webinars

New Products

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure. 3

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings. 3

  • FEP GameChanger

    FEP GameChanger

    Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction. 3