Steady increase of generic malware

Sunbelt Software announced the top 10 most prevalent malware threats for the month of May 2010.

Eight of the top 10 detections for May are reflecting the trend toward behavior-based detections. Eight of the 10 detections for the month had also been among the April top 10, with Trojan.Win32.Generic!BT continuing in the number-one spot with 27.8 percent of detections. That is down from 33.7 percent in April.

One detection with a significant change in May was INF.Autorun, which saw its percentage of total detections grow by more than 55 percent, from 2.34% of overall detections in April to 3.63% in May. This followed an almost 40 percent increase the previous month as well.

The two detections that were new to the top 10 list were number eight, FraudTool.Win32.AVSoft at 1.32 percent, and number nine, Trojan.Win32.Agent at 1.28 percent. FraudTool.Win32.SecurityTool is a VIPRE detection for malware that installs SecurityTool rogue antivirus software and Trojan.Win32.Agent is a Trojan downloader that downloads a wide variety of malcode.

Sunbelt Software Research Center Manager Tom Kelchner said, “The list of ThreatNet top-10 detections in May did not change significantly from the previous month – with a continued high volume of Trojan downloaders. However, the level of generic detections has steadily increased over the past few months, highlighting the importance of behavioral testing via a “sandbox” method to stop malicious applications without individual signature updates. This is a good strategy for stopping zero-day malicious code, or previously unknown malware, which is being generated by the bad guys with more frequency.”




Share this