Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Trojan downloaders are continuing to dominate malware statistics with exploitations of the autorun.inf and Delphi functions continuing.ESET statistics show that in August, the Conficker worm was the most widespread threat globally with a share of 8.56 per cent. However it registered a slight decrease of two per cent on average compared with July statistics, while on a country-by-country level this was even more pronounced.However, the report found that a mixture of threats claimed a stronger global position, predominantly online gaming trojans and exploitations of the autorun.inf function, the second and third most detected threats respectively.Statistics from Sunbelt Software's SunbeltLabs reported that the password-stealing Trojan threat Trojan-Spy.Win32.Zbot.gen maintained the top spot on the list, but its prevalence increased by 53.7 per cent month-over-month to 7.67 per cent of overall Sunbelt detections, from 4.99 per cent in July.The second most detected was Trojan.Win32.Generic!BT, a downloader associated with rogue security programs, that did not appear on the list in July yet was the second highest threat with 7.57 per cent of detections.SunbeltLabs also found that the Win32.induc virus, which was highly publicised in August for propagating itself through Delphi development applications, did not make the list.Michael St. Neitzel, Sunbelt Software vice president of threat research and technologies, said: “The fact that Zbot is the top detection for the last two months isn't surprising. It's a very versatile piece of malcode that injects code from a remote site to steal information from its victims, including cached passwords, login credentials for websites (chiefly banks) as well as data in certificates and cookies. It has some backdoor functionality and may record keystrokes.“We first noticed an increased distribution of it in the middle of May when it was distributed through a number of spam campaigns. In one case, the spam email purported to be an airline e-ticket and in others it arrived as either an attachment that claimed to be from United Parcel or an alleged e-payment notification of an order with Amazon.com. We have documented more than 2,700 files related to Trojan-Spy.Win32.Zbot.gen since it was first detected.”Kaspersky Lab's statistics found that Net-Worm.Win32.Kido.ih and Virus.Win32.Sality.aa are still its top rated threats, but has also detected that the Virus.Win32.Induc.a, that makes use of the Delphi two stage method for creating executable files, is prevalent.It also claimed that more than half the entries in August's second Top Twenty are new examples of cybercriminals' creativity.See original article on scmagazineuk.com
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.