Skip nav

Obfuscation Malware Tops August’s Threats

Latest threat detection statistics from ESET

Bournemouth, UK (13th September 2007) – ESET announced today that threats that use obfuscation techniques such as runtime packing, polymorphism and junk code injection to hide their malicious functionality accounted for 7.58% of malware detected in August.

According to ESET’s ThreatSense.Net, which reports detection statistics from millions of client computers around the world, WIN32/Obfuscated, a generic name for malware that hides its true intention, was the number one threat to computer users.

In second place, accounting for 3.40% of malware threats is Win32/Agent, which includes malware that has Trojan capabilities with the ability to act as agents on the compromised computer to connect directly back to a central server or providing a backdoor onto the infected machine. Down from first place last month is Win32/TrojanDownloader.Ani.gen. in third and Win32/Agent.ARK in fourth place with 2.33 % of detections.

“This malware connects to a command and control server that seems to be located in Singapore,” says Paul Brook, MD of ESET UK. “The purpose of Win32/Agent.ARK seems to be to keep control of an infected system for future use; it can be used to execute commands on the infected host and download additional software. Very often such botnet software is able to update itself with new components which add new functionality, and which help it to evade detection by signature based anti-virus software.”

Top 10 Threats for August 2007

1 Win32Obfuscated – 7.58%
2 Win32/Agent – 3.40%
3 Win32/TrojanDownloader.Ani.Gen – 2.90%
4 Win32/Agent.Ark – 2.33%
5 Win32/Adware.Virtumonde – 2.20%
6 Win32/Adware.Ezula 1.99%
7 INF/Autorun – 1.88%
8 Win32/RJump.A – 1.67%%
9 Win32/Agent.AB – 1.37%
10 Win32/Pacex.Gen – 1.32%


About ThreatSense.Net

ThreatSense.Net reports detection statistics from millions of client computers around the world and is believed to be the most comprehensive malware reporting system available. From an original idea, realised in VIRUS RADAR, ThreatSense.Net, includes data about all types of threats seen attacking user systems, not just those transmitted via email.

The (anonymous) statistical information is collected from NOD32 users, who enable the reporting service in the product, to provide a comprehensive view of the behaviour and spread of malware in the real world. Currently data is collected from more than 10 million systems, and has tracked more than 10,000 different threats and malware families.

About ESET

Founded in 1992, ESET is a global provider of security software for enterprises and consumers. ESET's award-winning, anti-threat software system, NOD32, provides real-time protection from known and unknown viruses, spyware and other malware. NOD32 offers the smallest, fastest and most advanced protection available, with more Virus Bulletin 100% Awards than any other antivirus product ( ESET has been named in Deloitte's Technology Fast 500 four years running, and has an extensive partner network, including corporations such as Canon, Dell and Microsoft.

ESET is headquartered in Bratislava, SK; and is represented worldwide in more than 100 countries. For more information, please visit or call 0845 838 0832.

Public Relations Contact:

Sara Claridge
Marylebone Media Relations
+44 (0) 870 766 8482
+44 (0) 7968 626838 (mobile)