Oktoberfest 2011: beer, sausages and malware

Loredana BOTEZATU

November 03, 2011

While adware has been the key malicious factor in Germany for the past months, October brought a significant change in the regional malware landscape. Germany appears to be experiencing a revolution in terms of e-threats targeting local users. The resilient adware occupants of the top spots have now been replaced by Java-based malware, in the form of exploits and malware-downloading Trojans.

Malware distribution for October 2011:

Java.Exploit.CVE-2010-0840.B saw a noteworthy spike, from tenth place straight to the top spot of the e-threat ranking in Germany. Furthermore, Java.Exploit.CVE-2010-0840.B is accompanied by three other members of its class – Trojan.Mailbot.DG (ranking fourth, with 3.16%), Trojan.Java.MailSend.A (fifth, with 2.97%) and Trojan.Exploit.ANSH (seventh, with 2.54%), together accounting for almost 14 percent of the total malware registered in Germany.

They share a couple of features, being generic detections for pieces of malicious code that exploit a vulnerability in the Java virtual machine. The weakness lies in the Java verification routine for some applets that execute pieces of code requiring certain privileges. The vulnerability allows an application to execute operations otherwise performed only by a logged-in user. These e-threats download a Browser Helper Object (BHO) and use it to download further malware onto the compromised computer. Note that only Windows users are in danger.

A new entry in the top is the second-ranking Trojan.Iframe.SC, a detection for iframe-injected HTML files whose purpose is to redirect the user's searches towards sites with randomly chosen pornographic content.

The infamous and industrious Win32.Worm.Downadup.Gen is again in third place. This is the most common e-threat to be found on people's systems. Mainly, it hinders users from updating operating systems or anti-virus solutions by restricting access to all related web pages. Sometimes, it may even download rogue AVs onto compromised computers.

Germany's top-ranking e-threat for the past months, the Adware class, dropped five places in October. However, it is still well represented by no less than three e-threats: Gen:Variant.Adware.Hotbar.1, Dropped:Adware.Yabector.B and Adware.Yabector.B, ranking sixth, ninth and tenth, respectively.

Adware.Hotbar opens a browser toolbar and forces commercial pop-up messages onto PC screens. It is actively used in the wild to monitor users' online activities by creating profiles based on search habits, which crooks would afterwards use to redirect searches toward advertising websites or virtual stores. Adware.Yabector mainly hijacks the user's browser to redirect web searches to advertising pages and online shops.

Eighth is a packed executable file – Gen:Trojan.Heur.RP.zyX@aqIOShci – a keygen component for some other widespread malicious application, used to generate unauthorized registration keys in order to defeat the commercial protection of shareware software products.

This article is based on the technical information provided courtesy of Doina Cosovan, Bitdefender VirusAnalyst and Alexandru Dan Berbece, Bitdefender Database Administrator.

All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.
