Top ten e-threats for June 2009

eBook: The DevOps Roadmap for Security - Tips and tools for bridging the security tribe into DevOps. Download →

BitDefender released the top ten e-threats for the month of June. Five of the ten worst e-threats are Trojans, making this the best represented e-threat category.

In tenth position is a generic detection for e-threats packed with NSAnti, a very popular program used by virus writers to obfuscate the contents of their infected files and reduce their size in transit.

Ninth position is held by NaviPromo, an old adware downloader that found a new lease of life. NaviPromo is the “dark half” of the infamous Navi toolbar.

In eighth position, Trojan.Autorun.AET used what has undoubtedly become “vulnerability of the year,” the Autorun bug in Windows, to carve itself 2.08-percent of the total number of infected machines.

The only new e-threat in this month’s list is Trojan.Skintrim.HTML.A, which poses as an Outlook add-in called MailSkinner. The Trojan is in fact a rootkit/backdoor combination attempting to download and install additional malware on infected machines.

Win32.Sality.OG, a rootkit-installing file infector, jumps up three positions from the BitDefender’s May top ten e-threats list, moving into sixth place. Ranked fifth is Downadup.Gen, also known as Conficker or Kido. This e-threat is on a slight decrease, totaling 3.33-percent of total e-threats in June as opposed to last month’s 4.35-percent.

A SWF exploit that is heavily used in the wild landed in fourth place. Although old, it probably owes its position to the large number of different viruses which still include it in their “armory.”

Trojan.Wimad, in its various guises, occupies third spot. This is an unexpected comeback from a worm which did not rank last month.

In second place is Trojan.AutorunINF.Gen, which stands for a very widespread “family” of malware which uses the Autorun file on shared folders and removable drives to spread. This e-threat is also on a slight increase as compared to last month, but it has been “de-throned” from the first position by Trojan.Clicker.CM, a simple bit of adware being spread via malicious websites.

Clicker is one of the most common threats of the year, owing its “success” to its ability to bypass popup blockers.

BitDefender’s June 2009 Top 10 E-Threat list includes:

Pos. Name                            %
1. Trojan.Clicker.CM 10.13
2. Trojan.AutorunINF.Gen 10.04
3. Trojan.Wimad.Gen.1 5.6
4. Exploit.SWF.Gen 4.34
5. Win32.Worm.Downadup.Gen 3.33
6. Win32.Sality.OG 2.5
7. Trojan.Skintrim.HTML.A 2.37
8. Trojan.Autorun.AET 2.08
9. Adware.Downloader.NaviPromo.B 1.84
10. Packer.Malware.NSAnti.1 1.59
Other malware 56.18