Trojans Accounted for 70 Percent of the New Malware Detected During the Second Quarter of 2009, According to PandaLabs
One of the most notable findings of the report is the 6.25 percent drop in spyware, which now represents just 6.9 percent of all new malware. In contrast, adware rose dramatically over this period, from 7.54 percent in the previous quarter to 16.37 percent. This is largely due to the increase in fake antivirus applications, a type of adware that passes itself off as a legitimate security solution. As for worms, their percentage has also risen slightly, now accounting for 4.4 percent of all malware.
Trojans were also responsible for more infections than any other type of malware over this period. This type of malware was behind 34.37 percent of all infections detected by PandaLabs, an increase of 2.86 percent with respect to the previous quarter. Adware infection levels remained stable, accounting for 19.62 percent of the total.
Worms increased slightly (0.89 percent), staying in the picture due largely to the effectiveness by which they spread. Dialers, at 4.48 percent, stubbornly refused to disappear despite the overriding trend for broadband instead of dial-up connections.
In terms of specific strains of malware, the number one ranked specimen between April and
01 Trj/Downloader.MDW 02 Spyware/Virtumonde 03 Trj/Rebooter.J 04 Trj/Lineage.BZE 05 W32/Bagle.RP.worm 06 Adware/AccesMembre 07 Adware/SystemSecurity 08 W32/Waledac.AS 09 Adware/Lop 10 W32/AutoRun.DJ.worm
When broken down geographically,
Graphical representations of new malware detected in Q2 2009, as well as how different countries are affected by malware infection can be found here: http://www.flickr.com/photos/panda_security/tags/q2report/.
Malicious use of Twitter
A worm appeared in April which used a cross-site scripting technique to infect Twitter users when they visited the profiles of other infected users. It then infected the new user’s profile to continue propagating. New variants appeared, and finally the creator’s identity was revealed: an individual named
In early June, Twitter was the focus of other attacks, this time using different techniques, most predominantly, BlackHat SEO. Twitter has a feature called “Trending Topics”, which is a list of the most popular topics that appears in the interface of all Twitter users. When users select a topic through this feature, they see all ‘tweets’ published that are related to this issue.
In this case, malicious users were writing tweets about the topics listed in Twitter Trends with links to malicious Web pages from which malware was downloaded. The first attack focused on just one of the topics, but just a few days later the scope of the attack increased and all popular topics contained malicious links. When the actor
The second anniversary of Collective Intelligence, a detailed analysis of the Waledac worm, trends regarding the sending of malware via spam and the evolution of BlackHat SEO techniques are just some of the other issues covered in the PandaLabs Quarterly Report.
You can download this report from: http://www.pandasecurity.com/img/enc/Quarterly_Report_PandaLabs_Q2_2009.pdf.
Since 1990, its mission has been to detect and eliminate new threats as rapidly as possible to offer our clients maximum security. To do so, PandaLabs has an innovative automated system that analyzes and classifies thousands of new samples a day and returns automatic verdicts (malware or goodware). This system is the basis of collective intelligence, Panda Security’s new security model which can even detect malware that has evaded other security solutions.
Currently, 94 percent of malware detected by PandaLabs is analyzed through this system of collective intelligence. This is complemented through the work of several teams, each specialized in a specific type of malware (viruses, worms, Trojans, spyware, phishing, spam, etc), who work 24/7 to provide global coverage. This translates into more secure, simpler and more resource-friendly solutions for clients.
More information is available in the PandaLabs blog: http://www.pandalabs.com.
SOURCE Panda Security