Trojan.Clicker.CM still active
Drive-by-download components dominate BitDefender’s ‘Top Ten’ e-threats for February. These drive-by-download components are bits of malware strung together like a "daisy-chain" by their creators. Each component represents another attempt by cybercriminals to compromise the security of a user’s system.
The Norton-bypassing ad-serving malware Trojan.Clicker.CM is in first position, for the second time this year. Clicker.CM displays a large number of commercial pop-up windows in the current web browser’s background attempting to lure the user to click. If clicked, profits are generated for advertisements registered within a pay-per-click system. The trojan also uses several functions that bypass the Norton® Internet Security Pop-up Blocker.
This is followed by an older "daisy chain", Trojan.Wimad.Gen.1 or the Wimad trojan, which masquerades as a player component for malicious ASF files. This trojan is loaded via a downloader trojan, ranked tenth in the February e-threats list.
The Conficker virus and its variants are also listed via a generic detection against viruses that use the recent autorun bug in Windows - Trojan.AutorunINF.Gen, with 4.17 percent of detections.
Ranked eighth is Trojan.IFrame.GA, a simple script which gets injected in compromised web pages and sends browsers to a collection of exploits such as Trojan.Exploit.ANPI (ranked seventh), which can direct vulnerable systems to a page containing Trojan.Exploit.SSX (in fifth position).
According to Sorin Dudea, head of Bitdefender antimalware research, this particular infection chain comes from an analysis of a number of compromised and/or malicious websites hosted in China.
New entries include three new downloaders: Trojan.Downloader.JS.Psyme.SR, Trojan.Downloader.JLPK and Trojan.Downloader.Js.Agent.F. All serve the simple function of downloading and launching more malware onto compromised computers from websites.
BitDefender’s February 2009 Top 10 E-Threat list includes:
Pos. - Name - %
1. Trojan.Clicker.CM - 5.87
2. Trojan.Wimad.Gen.1 - 4.39
3. Trojan.AutorunINF.Gen - 4.17
4. Trojan.Downloader.JLPK - 3.94
5. Trojan.Exploit.SSX - 3.92
6. Trojan.Downloader.Js.Agent.F - 3.9
7. Trojan.Exploit.ANPI - 3.77
8. Trojan.IFrame.GA - 2.9
9. Trojan.Downloader.JS.Psyme.SR - 2.32
10. Trojan.Downloader.WMA.Wimad.S - 2.01
Other malware - 62.81
For virus updates and company news, sign-up for BitDefender’s RSS feeds here
About BitDefender® www.bitdefender.co.uk
BitDefender is the creator of one of the industry's fastest and most effective lines of internationally certified security software. Since its inception in 2001, BitDefender has continued to raise the bar and set new standards in proactive threat prevention, emerging as the industry’s anti-malware innovator. Every day, BitDefender protects tens of millions of home and corporate users across the globe — giving them the peace of mind of knowing that their digital experiences will be secure. BitDefender solutions are distributed by a global network of value-added distribution and reseller partners in more than 100 countries worldwide. More information about BitDefender and its products are available at the company’s security security solutions room. Additionally, BitDefender’s www.malwarecity.com provides background and the latest updates on security threats helping users stay informed in the everyday battle against malware.
# # #
MJO PR for BitDefender UK & Ireland
Tel: 01538 361 217
BitDefender Country Manager (UK and Ireland)
Tel: 0845 130 5096
Fax: 0845 130 5069
This press release was distributed by ResponseSource Press Release Wire on behalf of MJO Associates in the following categories: Computing & Telecoms, for more information visit https://pressreleasewire.responsesource.com/about.