The domination of autorun malware
The top ranking e-threat for the third quarter, with 11 percent of the total infections in the world, is Trojan.AutorunINF.Gen. This piece of malware is consistently among the most “popular” threats each month as it easily spreads via removable devices and Windows shared folders. The Windows Autorun feature is exploited by malware authors to force the execution of dangerous files located on infected USB drives.
Ranking second is Win32.Worm.Downadup.Gen with six percent of the total infections in the world. This worm, also making use of the autorun feature, typically appears in the malware distribution charts alongside Trojan.AutorunInf.Gen.
Computer users should always scan external devices especially after having plugged them into public computers like those available in copy shops and libraries. Since Microsoft has patched this vulnerability in Windows Vista and Windows 7, users simply need to update their operating systems and antivirus solutions in order to stay safe.
Third through fifth place are closely contested. This quarter the third spot includes a representative of the exploit family, namely- Exploit.PDF-JS.Gen. This generic detection deals with malformed PDF files exploiting different vulnerabilities found in the Javascript engine of Adobe PDF Reader with the purpose of executing further malicious code on users’ computers.
A newcomer to the top-five, and occupying the fourth place is Trojan.Generic.4170878 is a newcomer with great “negative” potential. This backdoor provides the cybercriminal remote access to the infected system. Unfortunately for users, this piece of malware has seen a steady rise in distribution over the past few months.
Ranking fifth in the quarterly malware chart, with three percent, is Trojan.Wimad.Gen.1. This e-threat is mostly found on Torrent websites, camouflaged as episodes of your favorite series or as a not-yet-aired but soon-to-be blockbuster.
These counterfeit video files connect to a specific URL and download malware, impersonating the appropriate codec or video player required in order to watch the file. Trojan.Wimad.Gen.1 is mostly active before or immediately after box-office premieres. Its presence in this quarter’s chart is a certain sign of increased movie piracy via peer-to-peer download websites.
The BitDefender July – September 2010 Top 10 E-Threat list includes: