14August 2008

Well-Known Malware Continues to Dominate BitDefender▓s List of Top E-Threats

Top threats are harder to identify and destroy than dangerous

Two well-known threats have ranked high on BitDefender▓s Top Ten E-Threats in July. According to BitDefender analysts, Trojan.Clicker.CM and Trojan.Downloader.WMA.Wimad.N, which have remained relevant throughout the summer, ranked first and second place on the list of dangerous threats.

Trojan.Clicker.CM displays popups containing advertises when accessing infected internet sites, while Trojan.Downloader.WMA.Wimad.N tries to trick users into installing adware disguised as a music/video player. Both are exceedingly simple in design and execution; the only "trick" employed is specialized code within Trojan.Clicker, enabling it to bypass Norton's popup filter.

Taking third place and one of the newest additions to list is Trojan.Downloader.Wimad.A. This threat is a variant of Trojan.Downloader.WMA.Wimad.N; the file appears in different locations on the internet, in sharing networks or media download sites or even in spam.

"We are seeing the beginnings of the Internet flu - instead of mega-killer pandemics we have these recurring infections that are not very dangerous in and of itself, but pervasive, hard to identify and stamp out," said Sorin Dudea, Head of BitDefender AV Research.

The other new entry to the top ten from last month isTrojan.Swizzor.1, an "obfuscated" downloader which comes as part of a bundle of e-threats. The downloader easily downloads and saves new
threats around the victim's computer, taking time at intervals to run some of them. It also adds itself to the registry to ensure it gets executed at every boot.

Overall, the most successful e-threats continue to represent a small percentage of the total number of reported infections (just over 28% this month.