September has followed the same trends as observed in previous months, characterized by a lack of massive epidemics albeit without any decrease in the activity of Internet threats.
The most active malicious code in September, according to data compiled by the Panda ActiveScan free, online antivirus, was once again Sdbot.ftp, the script that the Sdbot family of worms uses to download themselves onto computers via FTP. In second place comes the veteran Netsky.P, a worm that exploits a vulnerability in Internet Explorer to run itself automatically. The Jupillites.G Trojan, occupies third place in the ranking.
After that come the Torpig.A and Torpig.DJ Trojans in fourth and fifth place respectively. These Trojans are designed to offer remote access to infected computers. Tearec.A, better known as “Kamasutra”, and one of the most frequently detected malicious codes in 2006, is in sixth place in the ranking.
Bagle.pwdzip, the detection of several variants of the Bagle worm, comes next, followed by Puce.E. The last two in the table are Qhost.gen (a generic detection of the modification of the HOSTS file), and the virus Parite.B, designed to infect files with EXE and SRC extensions.
Malware % frequency
One of the conclusions that can be drawn from this Top Ten is the persistent danger of software vulnerabilities. The presence of Netsky.P, which exploits a software vulnerability resolved more than five years ago, highlights just how many computers are not up-to-date. Similarly, it is clear that social engineering continues to be an excellent means for propagating threats, as underlined by the presence in the ranking of Tearec.A, despite having first appeared some months ago.