According to the data gathered by Panda ActiveScan, the free online antivirus solution, Downloader.GK was the malicious code responsible for most attacks on users’ computers for the ninth consecutive month. It is also worth noting the prominence of the Downloader family -with four of the top ten places- and the dominance of Trojans in general.
Over the past month, Downloader.GK has caused just over 4.5 percent of incidents, a significant drop with respect to the figure in January, which was around 8.5 percent. Close up in second place came Mhtredir.gen (4.03%), a generic detection for a family of Trojans, followed by the Shinwow.E Trojan (3.48%), and the only two worms that appear in the ranking: Netsky.P (3.27%) and Sdbot.ftp (3.04%).
The remaining five places in the Panda ActiveScan Top Ten for February are occupied by the Trojans Zpachast.D, Downloader.LP, Downloader.ALQ, Qhost.gen and WmvDownloader.A-, with frequency ratings ranging from 1.52 to 2.17 percent.
The following points stand out from the data collected by Panda ActiveScan in February:
– Strong presence of the Downloader family of Trojans.
The GK variant of Downloader tops the February ranking, which also includes three other members of the same family. This prominence could be largely due to the numerous malicious actions that Downloader Trojans can take, such as downloading other malware (adware, spyware, etc.) onto compromised systems, making them especially useful for their creators who are therefore busy generating new variants. In fact, this month’s ranking includes two relatively new variants: WmvDownloader.A and Downloader.ALQ, which first appeared in mid-January and early February respectively.
– Trojan dominance.
Eight of the ten malicious code in the ranking are Trojans, as opposed to six in January. This shows a continuation of the trend that started in June 2004, when Trojans began to take over from worms as the most frequently detected infectors. The overriding presence of Trojans in the Panda ActiveScan Top Ten reflects the intense activity of cyber-crooks, seeking financial gain by exploiting the fact that Trojans can be used to steal confidential data which can then be used fraudulently.
– Additional threats.
As was the case in January, several of the most prominent Trojans in February download and run other types of malware, such as spyware, on users’ computers. The main consequence of spyware on PCs is the gathering of information, including confidential details. If these effects are cause for concern in home computers, in corporate environments they can result in serious financial losses, given the time taken by IT staff to resolve the problem and regain control of the system and the loss of productivity of employees trying to work their way through the annoying distractions that these programs create (redirecting websites, pop-ups, etc). More serious still, the theft of confidential information, including passwords, means that administrators need to keep a constant watch over each and every computer to prevent this kind of attack.