9.8.10

Win32/Conficker: Exploiting Windows Vulnerability, a Top Threat in July 2010

The Win32/Conficker worm is currently the most widespread computer threat. The malware’s many variants have reached a global share of 12.47% of all threats detected on the computers of millions of users of ESET Smart Security and ESET NOD32 Antivirus. The Conficker worm was programmed to spread not only via the Internet, using an earlier Windows vulnerability, but also via removable media. After embedding itself in a computer, it can receive instructions remotely, making it suitable for use as part of a spamming botnet as well as for disseminating other types of computer threats.

The second most widespread computer threat also uses removable media for its propagation: a mix of trojans exploiting the Windows autorun function. Throughout the month of July, INF/Autorun reached a share of 5.90% of all threats globally. Win32/Agent also increased its share month-to-month, reaching 3.65% and making it the No. 3 global threat. The variants of this trojan family are designed to steal sensitive information from infected computers.

The newcomer on the July threat landscape is Win32/Dursg.A, a trojan ranked 8th with a global share of 1.14%, predominantly afflicting computers in Turkey. This trojan, probably of Russian origin, redirects the results of online search engines to web sites that contain adware. The malicious file is obfuscated using UPX run-time compression. The malware modifies the information that popular browsers, including Internet Explorer, Google Chrome, Mozilla Firefox and Opera, hold about well-known search engines and other services, including Google, Yahoo, MSN, Bing and YouTube, so that user searches are diverted to adware-hosting sites when one of a wide range of commonly used keywords is entered.

Placing tenth in ESET’s malware statistics is Win32/Oficla.GN, a member of a trojan family that downloads additional malware from the Internet onto the computer it infects. It has a global share of 0.80%, and in countries such as the Czech Republic, Austria, Germany, the Netherlands and Norway it is one of the top 3 infiltrations.

Global threats according to ESET ThreatSense.Net® (July 2010)

EUROPE, MIDDLE EAST, AFRICA (EMEA)

Win32/Conficker is the clear malware leader in the EMEA region. Not only is it the No. 1 threat in almost every country in the region, in some countries it reached unusually high infection rates in July: more than 25% in Slovenia, Ireland and Belgium. It also accounted for more than 10% of malware incidents in Russia, Ukraine, SAR, Egypt, Finland, Romania, Germany and Spain. In the Czech Republic, the Conficker worm scored 9.55% of the total, and Slovakia reports an infection share of 6.15%. Conficker also tops the threat ranking in Poland (8.88%), which used to be the domain of stealers of online-game credentials.

However, there are countries where Win32/Conficker is not among the top three computer threats: users in Sweden were troubled by a threat dubbed Win32/Patched (11.76%), while Estonia was dodging attacks by members of the Win32/Agent family (5.42%). Agent variants were also top threats in Denmark (7.47%), the Netherlands (5.12%), and Norway (6%).

Perhaps it was the high market share of ESET security solutions and the number of ESET users in Turkey that pushed Win32/Dursg.A into the global Top Ten. This trojan has become the most frequently occurring threat in the country, accounting for 9.71% of all malware detections. Win32/Oficla.GN can be found among the top three threats in the Czech Republic (7.07%), Austria (7.72%), Denmark (5.62%), Germany (4.30%), and Norway (3.10%).