Adware trojan most widespread e-threat

Peter Dinham
Wednesday, 07 October 2009 07:00

Business IT - Security

The Clicker adware trojan is the most widespread threat on the Web right now possibly due to it regaining popularity as an infection tool of choice.

According to BitDefender in its September report, the Trojan.Clicker is now a tool-of-choice for “malicious purveyors of ‘warez’, which the security company says are cracks, key generators or keys for popular software.

BitDefender says that in September, the top three e-threats are a malware trifecta which it says should already be familiar to those following developments in the malware world - the Wimad Trojan, the Clicker Trojan and a generic detection for Autorun using Trojans.  These three, says BitDefender, are once again the most prevalent threats, accounting for no less than 25 percent of all infections recorded during September.

BitDefender also says that Conficker, in its various guises, is detected by as Win32.Worm.Downadup.Gen and occupies the fourth spot, with a sizeable 5.5 percent of the total number of infected files detected during September.

Another exploit identified - Exploit.PDF-JS.Gen - uses a vulnerability in the way some versions of the Adobe PDF reader parse embedded Javascript, is gaining popularity again and can be found at number five, BitDefender says.

At number six, Trojan.Exploit.JS.Y is a malicious bit of Javascript, according to BitDefender, and is usually found on compromised or malicious websites.

A long-time veteran of BitDefender's top 10, Win32.Sality.OG, dropped from fifth to seventh place in September, with the  encrypted, polymorphic file infector apparently set for a very long “cybercrime career".

The last three threats in BitDefender’s top 10 list include two threats using the Autorun security loophole in older versions of Windows, occupying the eighth and ninth positions, with one of them  actually a downloader component used to spread the well-known Conficker or Kido worm (aka Downadup); and, in tenth spot is Trojan.Skintrim.HTML.A, a type of HTML page usually associated with adware programs such as Navipromo.