Report: Trojans Continue To Dominate Malware Threat Landscape

  • Dec 09, 2010

GFI Software recently announced the top 10 most prevalent malware threats for the month of November. The report, compiled from monthly scans performed by GFI's anti-malware solution, VIPRE Antivirus, and its antispyware tool, CounterSpy, is a service of GFI Labs.

As in recent months, Trojans dominated the threat landscape in November. ThreatNet data revealed that seven of the top 10 malware threats were classified as Trojans. The number-one detection, Trojan.Win32.Generic!BT, is a Trojan comprising over 20 percent of the ThreatNet detections.

“There is another picture in the top-10 numbers,” said Tom Kelchner, GFI Software communications and research analyst. “Three of them go after applications or server software that hasn’t been patched. The number six detection, Exploit.PDF-JS.Gen (v), tries to exploit a security flaw in PDF files with embedded JavaScript. That’s aiming at Adobe products. It often installs downloaders that pull down other malware from remote Web sites.”

Worm.Win32.Downad.Gen (v,) the Downadup worm (also called Conficker and Kido) in the number seven spot, is a worm that spreads across a network by taking advantage of a vulnerability in Windows Server service which allows remote code execution when file sharing is enabled. This vulnerability was patched some time ago.

Trojan.ASF.Wimad (v), in the number nine spot, is a VIPRE detection for a group of Trojanized Windows media files that exploit an old vulnerability in Windows Media Player. It redirects the victim’s browser to a web site to download malicious files. This is also is an old vulnerability that’s been fixed.

“If this malcode is still circulating, it means that the malcode writers are seeing a landscape with lots of unpatched and vulnerable machines. The conclusion is pretty clear for both enterprises and consumers: update Windows operating systems (including servers), browsers, Adobe products and media players and keep them updated,” said Kelchner. 

Top 10 detections for November 
                Detection 	                   Type 	  	Percent 					
1. 	Trojan.Win32.Generic!BT 		Trojan 		22.44 
2. 	Trojan-Spy.Win32.Zbot.gen 		Trojan 		3.88 
3. 	Trojan.Win32.Generic.pak!cobra 	Trojan 		3.53 
4. 	Trojan.Win32.Generic!SB.0 		Trojan 		3.46 
5. 	INF.Autorun (v) 		         Trojan 		1.83 
6. 	Exploit.PDF-JS.Gen (v) 		Exploit 		1.45 
7. 	Worm.Win32.Downad.Gen (v) 		Worm.W32 		1.42 
8. 	Trojan.Win32.Malware.a 	         Trojan 		0.83 
9. 	Trojan.ASF.Wimad (v) 		Trojan 		0.76 
10. 	Trojan.Win32.Meredrop 		Trojan Downloader 	0.68

Featured

  • Maximizing Your Security Budget This Year

    Perimeter Security Standards for Multi-Site Businesses

    When you run or own a business that has multiple locations, it is important to set clear perimeter security standards. By doing this, it allows you to assess and mitigate any potential threats or risks at each site or location efficiently and effectively. Read Now

  • New Research Shows a Continuing Increase in Ransomware Victims

    GuidePoint Security recently announced the release of GuidePoint Research and Intelligence Team’s (GRIT) Q1 2024 Ransomware Report. In addition to revealing a nearly 20% year-over-year increase in the number of ransomware victims, the GRIT Q1 2024 Ransomware Report observes major shifts in the behavioral patterns of ransomware groups following law enforcement activity – including the continued targeting of previously “off-limits” organizations and industries, such as emergency hospitals. Read Now

  • OpenAI's GPT-4 Is Capable of Autonomously Exploiting Zero-Day Vulnerabilities

    According to a new study from four computer scientists at the University of Illinois Urbana-Champaign, OpenAI’s paid chatbot, GPT-4, is capable of autonomously exploiting zero-day vulnerabilities without any human assistance. Read Now

  • Getting in Someone’s Face

    There was a time, not so long ago, when the tradeshow industry must have thought COVID-19 might wipe out face-to-face meetings. It sure seemed that way about three years ago. Read Now

    • Industry Events
    • ISC West
Most   Popular

Featured Cybersecurity

Webinars

New Products

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis. 3

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities 3

  • Mobile Safe Shield

    Mobile Safe Shield

    SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame. 3