Trojans are the most constant infectious vector

The generic mechanism that spreads using removable devices – Trojan.AutorunInf.Gen – is the top e-threat for March with 13.40 percent of the total amount of global malware. This is a position very frequently occupied by this particular piece of malware.

With a percentage of 6.19, also known as the infamous Kido or Conficker, Win32.Worm.Downadup.Gen, ranks second, as it has been for the past three months. “This worm exploits a well-known Windows vulnerability. In order to get rid of this people simply have to update both the operating system and their locally-installed antimalware solution,” said Catalin Cosoi, BitDefender’s senior researcher.

The third e-threat for March is Exploit.PDF-JS.Gen with 5.30 percent. Adobe PDF Reader’s Javascript engine is being manipulated by this threat with the sole purpose of executing malicious code on the users’ computer.

The only file infector present in this chart is Win32.Sality.OG, placed in the fourth position. Shielded by a polymorphic code, the Sality family is extremely difficult to detect and annihilate. In addition to that, the rootkit component of the virus tries to disable various antivirus applications installed on the infected system.

Trojan.JS.Downloader.BIO ranking fifth with 2.13 percent, is a Javascript inserted into legitimate webpages via SQL injection techniques targeting only websites built with ASP. It also creates cookies with miscellaneous pieces of information about the victim (such as browsing habits and timestamps) and then sends them to a China-based website.

BitDefender’s March 2010 Top Five E-Threat list includes:

1. Trojan.AutorunINF.Gen – 13.40
2. Win32.Worm.Downadup.Gen – 6.19
3. Exploit.PDF-JS.Gen – 5.30
4. Win32.Sality.OG – 2.58
5. Trojan.JS.Downloader.BIO – 2.13
OTHERS – 70.40




Share this