Torna a Sala stampa

05 ottobre 2007

Malware detections are down and the Solow worm is back

Notable threats of the month include the Solow worm, a throwback to the ancient days of virus writing, which simply copies itself to every drive that it can find, adding itself as an autorun entry so it gets executed when the disc is first accessed.

Another new entry on September’s malware list is the Ice.a worm, a complex worm sporting a file-infector component and a downloader which downloads and executes a file from a given URL. Currently, the url seems to have been deactivated.

Finally, the most virulent new threat sits at #3 and spreads by means of creating copies of itself along with autorun.inf files pointing to them in every drive it can find. Once installed, this worm also attempts to disable various kinds of security software and download and run yet another piece of malware. Fortunately, the download location has now been brought offline.

Meanwhile, last month's most important new threat, the Kobcka trojan, seems to have not had as great an impact as feared and failed to make it into September’s top ten list.

BitDefender’s September 2007 Top 10 malware list includes:

1. win32.worm.p2p.puce.g 11.1%
2. worm.rjump.k 10.3%
3. win32.worm.autruner.cd 8.4%
4. win32.netsky.p@mm 6.3%
5. win32.worm.ice.a 6.1%
6. win32.worm.rjump.b 5.2%
7. worm.vbs.solow.a 4.8%
8. win32.worm.vb.ymeak.a 4.4%
9. win32.worm.sohanat.as 3.9%
10. worm.rjump.j 3.5%

"Malware writers seem to have found out that discretion is the better part of valor and are striving to produce stealthy custom viruses that will do what's required of them and no more, to avoid early detection by antivirus companies," said Viorel Canja, head of BitDefender Labs.

For further details on the latest malware detected in the wild, please visit BitDefender’s Defense Portal site at: http://www.bitdefender.com/site/VirusInfo/realTimeReporting/.
Contatti