Skip navigation

Bournemouth, UK (5th June 2007) – ESET announced today that Ani.Gen’s ‘drive-by’ attacks continued during May, placing the trojan in the number one spot of all threats detected for the second month in a row. Constituting 4.6% of all malware activity during May, the trojan exploits how Windows handles animated cursor (.ani) files and requires no action on the user’s part to become infected other than to visit or view an affected website or email.

“The problem is that even legitimate web sites present a potential danger to the most fastidious of computer users,” says Paul Brook, Managing Director of ESET UK. “The exploit can allow an attacker to take control of the machine completely just by visiting a site or viewing an email that has been exploited. The fact that it is still so prevalent indicates that a lot of servers and machines haven’t been cleaned or patched. The best advice to users is, keep your AV software up-to-date.”

Second in the ranking for May is Win32/Perlovga, a trojan that has increased its presence steadily during the year. The threat can be transmitted through email, FTP or P2P applications and is used to collect sensitive information from infected computers. In third place is Win32/Spy.VBStat.J, a spyware program that monitors activity on infected PCs and displays popup ads.

Down from first place in March, Win32/PSW.Agent.NCC was fourth in May with around 1.69 % of detections. This trojan is part of a family of Trojans that are used to steal passwords through keylogging techniques. The fifth place on the ranking for May is held by Win32/Rjump.A, a worm that includes a backdoor trojan component. Rjump.a propagates through external storage devices, such as portable hard drives, memory cards, pen drives, etc.

Top 10 Threats for May 2007

1 Win32/TrojanDownloader.Ani.Gen – 4.6%
2 Win32/Perlovga – 1.92%
3 Win32/Spy.VBStat.J – 1.79%
4 Win32/PSW.Agent.NCC – 1.69%
5 Win32/Rjump.A – 1.69%
6 Win32?Pacex.Gen – 1.58%
7 Win32/Adware.Virtumonde – 1.50%
8 Win32/Netsky.Q Win32/Nuwar.gen – 1.18%
9 Win32/PSW.QQRob– 1.32%
10 TrojanDownloader.Agent.AWF – 0.95%


For a copy of ESET’s Global Threat Trends – May 2007 please contact Sara Claridge, Marylebone Media Relations, or 0870 766 8482

About ThreatSense.Net

ThreatSense.Net reports detection statistics from millions of client computers around the world and is believed to be the most comprehensive malware reporting system in existence. From an original idea, realised in VIRUS RADAR, ThreatSense.Net, includes data about all types of threats seen attacking user systems, not just those transmitted via email.

The (anonymous) statistical information is collected from NOD32 users who enable the reporting service in the product, and it gives a comprehensive view of the behaviour and spread of malware in the real world. Currently data is collected from more than 10 million systems, and has tracked more than 10,000 different threats and malware families.

About ESET

Founded in 1992, ESET is a global provider of security software for enterprises and consumers. ESET's award-winning, anti-threat software system, NOD32, provides real-time protection from known and unknown viruses, spyware and other malware. NOD32 offers the smallest, fastest and most advanced protection available, with more Virus Bulletin 100% Awards than any other antivirus product ( ESET has been named in Deloitte's Technology Fast 500 four years running, and has an extensive partner network, including corporations such as Canon, Dell and Microsoft.
ESET is headquartered in Bratislava, SK; and is represented worldwide in more than 100 countries. For more information, please visit or call 0845 838 0832.

PR Contact:

Sara Claridge
Marylebone Media Relations
+44 (0) 870 766 8482
+44 (0) 7968 626838 (mobile)

This press release was distributed by ResponseSource Press Release Wire on behalf of Marylebone Media Relations in the following categories: Consumer Technology, Computing & Telecoms, for more information visit