BitDefender's top ten malware.
The first three positions of BitDefender's 'Top Ten'
Malware report for October are occupied not by single pieces of malware,
but by generic signatures--detection rules which stand in for all the
malware using a particular infection or obfuscation technique.
Indeed, the first position is occupied by trojan downloaders, a
category which, through such exponents as the Peed trojan (aka Storm
worm) has made headlines recently.
An old exploit takes second position, presumably due to the fact
that it is just old enough to have found its way into the code of many
different worms as one more trick to try when attempting an infection
but still not old enough that there doesn't exist a sizeable
population of unpatched machines anymore.
On the third position stand files detected as
Packer.Malware.NSAnti.J, which are actually programs that had been
packed/protected with a protection system called NSAnti, used by malware
authors to bypass anti-virus protection and to hide malware contents.
The packer itself is polymorphic and has the ability to detect if
it's running in a virtualized environment (as in an antivirus
countermeasure) and to try crashing it upon detection, in an attempt to
make automated detection of new versions harder.
The following few places are occupied by old and very old mass
mailer viruses, proving once again that, despite the wonders of backups
and highly reliable computers, viruses never truly die. Unfortunately,
the Sality.M virus is yet again present in the top ten, hovering in one
of the bottom places as it has done for most of the year.
"All in all, it's been a rather eventful month,"
declared Viorel Canja for BitDefender. "We're seeing lots and
lots of new viruses and a general tendency towards ever-stealthier
malware which gets updated at a fantastic clip. Once again, B-HAVE and
other automated detection techniques have proved crucial in keeping our
customers safe".
October's Top Ten Listing
1. BehavesLike: Trojan.Downloader 20.36 %
2. Exploit.Win32.WMF-PFV 17.51 %
3. Packer.Malware.NSAnti.J 10.49 %
4. Win32.Netsky.P@mm 6.56 %
5. Win32.NetSky.D@mm 2.06 %
6. Win32.Netsky.AA@mm 2.00 %
7. Win32.Nyxem.E@mm 1.90 %
8. .J Trojan.VBS.Autorun 1.79 %
9. Win32.Sality.M 1.46 %
10. Trojan.Agent.AFIS 1.43%
Others 34.43 %
www.bitdefender.com
COPYRIGHT 2007 A.P. Publications
Ltd. Reproduced with permission of the copyright holder. Further reproduction or distribution is prohibited without permission.
Copyright 2007, Gale Group. All rights
reserved. Gale Group is a Thomson Corporation Company.
NOTE: All illustrations and photos have been removed from this article.