Sunbelt Software Announces Top 10 Malware Threats for February

March 4, 2010

CLEARWATER, Fla., March 4 /PRNewswire/ — Sunbelt Software, a leading provider of Windows security software, today announced the top 10 most prevalent malware threats for the month of February 2010. The report, compiled from monthly scans performed by Sunbelt Software’s award-winning anti-malware solution, VIPRE® Antivirus, and its antispyware tool, CounterSpy®, is a service of SunbeltLabs(TM).

While seven of the top 10 detections found by Sunbelt Software’s ThreatNet(TM) statistics remained from January, eight of the top 10 were Trojan horse programs, highlighting a surge in this form of attack.

Trojan.Win32.Generic!BT — a generic detection for Trojans, continued to dominate the top 10 and accounted for one third (33.37%) of all detections, up sharply on the previous month when it accounted for just under one quarter. It is a detection that includes many downloaders associated with scareware or rogue security products.

Its continued prominence in the top 10 is also due in part to interest in sporting events such as the Winter Olympics, which has encouraged many to visit untrusted web sites in search of live video from the various events at the Winter Games. This surge in traffic to untrusted and potentially malicious web sites has increased exposure to scareware as well as conventional malware threats.

The rogues, once downloaded, present a fake malware scan of a victim’s computer then display false warnings that the machine is infected. The malware then urges the user to purchase rogue security software on the promise that it will disinfect their PC, when in fact it does nothing, or further infects the target computer.

This trend will continue as we head into major sporting events such as the ‘March Madness’ NCAA basketball tournament later this month and the 2010 World Cup soccer tournament in June; events that will garner huge demand for online coverage. With many of the March Madness games taking place during work hours when users have no access to a TV, the temptation will be strong to seek out online streaming services, be they from trusted or untrusted sources.

Other detections that saw significant change in February include Trojan.Win32.Generic!SB.0, which saw its percentage of total detection jump by almost half to 3.18%, and Exploit.PDF-JS.Gen (v) — a threat that prevents Windows Vista from opening files and executing commands — saw a significant drop in its share to 2.59% from 4.55% of all detections.

“Although the newest threats are largely rogue security products, Trojans and bot-installing malware, the spectrum of malware threats out there continues to be quite broad. The old standards continue to circulate online and gain increased penetration whenever Internet use peaks, as with events such as the recent Winter Olympics,” said Sunbelt Software research center manager Tom Kelchner.

“Adware and its associated malcode bundlers, downloaders and installers don’t make the news much anymore, but collectively they make up 10 percent of our ThreatTrack(TM) detections. In the month, ThreatTrack tabulated over 1,100 discrete adware threats. In many cases, a VIPRE installation somewhere stopped just one instance, but it shows that there is a huge range of persistent threats still out there,” he added.

New entries in the top 10 in February were:

  • Trojan.Win32.Generic.pak!cobra (Rootkit)
  • Trojan-Spy.Win32.Zbot.gen (v) (Password stealing trojan)
  • Trojan.Win32.Agent (Fake Windows service, modifies system settings)

The top 10 results represent the number of times a particular malware infection was detected during VIPRE and CounterSpy scans that report back to ThreatNet, Sunbelt Software’s community of opt-in users. These threats are classified as moderate to severe based on method of installation among other criteria established by SunbeltLabs. The majority of these threats propagate through stealth installations or social engineering.

The top 10 most prevalent malware threats for the month of February are:

    1.  Trojan.Win32.Generic!BT                        33.37%
    2.  Trojan-Spy.Win32.Zbot.gen                       4.10%
    3.  Trojan.Win32.Generic.pak!cobra                  3.37%
    4.  Trojan.Win32.Generic!SB.0                       3.18%
    5.  Exploit.PDF-JS.Gen (v)                          2.59%
    6.  Trojan-Spy.Win32.Zbot.gen (v)                   1.74%
    7.  Virtumonde                                      1.64%
    8.  Trojan.ASF.Wimad (v)                            1.54%
    9.  Trojan.Win32.Malware                            1.52%
    10. Trojan.Win32.Agent                              1.39%

About SunbeltLabs

SunbeltLabs specializes in the discovery and analysis of dangerous vulnerabilities (i.e., security holes, bugs, maligned features or combination of operations) that could be exploited for Internet and email attacks. The research team actively researches new malware outbreaks, creating and testing new threat definitions on a constant basis. For detailed threat research information and to view the top 10 threats in real time please visit SunbeltLabs at http://www.sunbeltsecurity.com.

About Sunbelt Software

Headquartered in Tampa Bay (Clearwater), Fla., Sunbelt Software was founded in 1994 and is a leading provider of Windows security software including enterprise antivirus, antispyware, email security, and malware analysis tools. Leading products include the VIPRE® and CounterSpy® product lines, Sunbelt Exchange Archiver(TM), CWSandbox(TM), and ThreatTrack(TM).

For more information about Sunbelt Software, please visit the company’s website at: http://www.sunbeltsoftware.com. To learn more about current activities, products, and ideas at Sunbelt Software, please visit Sunbelt’s corporate blog at http://www.sunbeltblog.com. To view this release online, go to http://www.sunbeltsoftware.com/Press/Releases/?id=338.

All trademarks used are owned by their respective companies.

    Contact:       Brian Alberti                Laurie Murrell
                   Davies Murphy Group          Sunbelt Software
                   781-418-2403                 727-562-0101
                   sunbelt@daviesmurphy.com      lauriem@sunbeltsoftware.com
                   www.daviesmurphy.com         www.sunbeltsoftware.com

SOURCE Sunbelt Software

Source: newswire

comments powered by Disqus