Web-Based Threats Dominate BitDefenders August List of Top E-Threats

September 2008

Variants of Wimad Trojan take three spots on Top 10 list

Web-based e-threats dominated BitDefenders Top Ten E-Threats in August. According to BitDefender analysts, the list features three variants of the Wimad trojan downloader, a fake codec downloader usually found on malicious websites. The very common ad-serving Trojan, Clicker.CM, once again heads the list this month.

At number two on the list is the Trojan,Qhost.AKR, a piece of malware aimed directly at BitDefender users which tries to disable the antivirus' update feature, thus rendering the host defenseless. A generic detection for a Flash exploit (used by multiple pieces of malware) can be found in sixth place, while Trojan.Swizzor.1, another very old and very common web-based threat, comes in at number seven.

At number eight is an ActiveX exploit used to trick a browser into downloading and installing malware. The exploit targets an ActiveX control called Sina DLoader, which can be found on legitimate Chinese websites. The systems of users who have run it are at risk, but this is a rare occurrence outside of China.

A trojan that spreads via P2P file sharing can be found in the ninth spot, while last place was grabbed by a past menace, a downloader for fake antivirus package "XP Antivirus.

"XP antivirus used to come with a valid digital signature and a lengthy EULA from sites with security-related names; it was somewhat of a champion in the social engineering area, convincing victims that it was in fact a legitimate piece of security software, said Sorin Dudea, Head of BitDefender AV Research. Having the malware's digital signature revoked by GlobalSign and the people who ran sites hosting it being denied further anonymity by Directi has put a dent in the operation."

BitDefenders August List of Top E-Threats