Forget the drive-by-shooting, it’s the drive-by-download to watch out for!

by Peter Dinham
Tuesday, 03 March 2009

So-called drive-by download components dominated the latest security threats to our computers during February as cybercriminals attempted to compromise the security of users’ systems.
Reporting the dominance of drive-by-download components, BitDefender describes these components as atomic bits of malware strung together like a "daisy-chain" by malware creators. Each "atom", says BitDefender, represents another attempt by cybercriminals to compromise the security of a user’s system. Ominously, BitDefender says the drive-by download malware is usually authorised indirectly by the user, who does not understand the consequences (e.g. by enabling an ActiveX component).

According to BitDefender, Trojan Clicker.CM displays a large number of advertisement pop-ups in the Web browser’s background, attempting to lure the user to click. “If clicked, profits are generated for advertisements registered within a pay-per-click system. The trojan also uses several functions that bypass the Norton Internet Security pop-up blocker.”

In second place on its list, BitDefender said it found an older "daisy chain" - Trojan.Wimad.Gen.1 or the Wimad Trojan - which masquerades as a carrier component for malicious ASF files. The Trojan, says BitDefender, is loaded via a downloader trojan ranked last in the top ten e-threats list.

According to BitDefender, the Conficker virus and its brethren are also present in the February top ten via a generic detection against viruses that use the recent autorun bug in Windows - Trojan.AutorunINF.Gen, with 4.17 percent of detections.

Ranked 8th is Trojan.IFrame.GA, described by BitDefender as a simple script which gets injected into compromised webpages and sends browsers to a collection of exploits such as Trojan.Exploit.ANPI (ranked 7th), which can direct vulnerable systems to a page containing Trojan.Exploit.SSX (in 5th position).