Clever infection techniques top e-threats list

Peter Dinham
Wednesday, 03 June 2009 18:26

Business IT - Security

Those naughty, malicious little malware writers are becoming increasingly clever and creative in the way they go about spreading infections and misery across the Internet.

From polymorphic file infectors to autorun exploitations, malware writers are becoming “increasingly creative with their ways,” according to BitDefender, as it reveals, in its May report on the top 10 e-threats detected during the month, that first place on the list goes not to a piece of malware, but rather to an infection technique - the autorun.inf exploitation code found in threats as diverse as Conficker and Sality.

“Topping out at 9.93% of detections, it is the most widespread exploit and the top e-threat of the month,” says BitDefender.

According to BitDefender, the top ten e-threats detected in the month of May were, almost all Trojans, with “simple, user-interaction driven pieces of malware occupying no less than six of the ten positions.”

And, in second place, BitDefender lists what it calls "the positively ancient Trojan.Clicker.CM”, a popup-serving program with a “whopping 9.23% of detections.” 

BitDefender also reports that Conficker is “on the up again for some reason,” claiming the fifth position in May with 3.12% of detected infections, and, it says, a lowly bit of SWF exploit code, heavily used in malicious and compromised websites the world over, can be found in fourth, at 4.33%.

A polymorphic file infector claimed sixth place in May and, says BitDefender, “if that sounds dangerous, that’s because it is: the virus infects executable files as well as network shares, re-writing itself in the process to avoid signature-based scanners.”

CONTINUED page 2