Trojans Lead Virus Charge
Mass mailer and Trojan viruses have been the most prevalent types of malware affecting SMB and individual users between January and June 2007, according to a Top 10 list compiled by BitDefender.
Mass mailer viruses are those that are distributed via email to multiple addresses at once, and a Trojan horse is a program that installs malicious software under the pretence of doing something else. Trojans are particularly notorious for installing backdoor programs which allow unauthorised remote access to the victim’s machine by unwanted parties.
“The gradual change from viruses to trojans on the Top 10 malware lists presents an interesting trend in data security,” said Viorel Canja, head of BitDefender Labs.
“Although the popularity of mass mailers is slowly receding, variants are still present and pose a very real risk to computer systems used by consumers and small businesses.”
The report from the anti-virus software and data security provider found that the Peed trojan was the top threat to date in 2007, with its variants accounting for more than 30% of all threats detected.
Another notable threat detected by BitDefender Labs was the Win32.Sality.M virus, the only true virus to make the list. While the highly dangerous polymorphic virus spreads using the Bagle mass mailer, the Bagle virus alone did not make the 2007 list.
One widespread email spam campaign posing as a screensaver, which installs Trojan horses and rootkits on infected Windows PCs, has been reported by Sophos Labs.
The emails, which are being seen in inboxes worldwide, claim the recipient has been sent a screensaver by a friend and tell the user to open the attachment (called bsaver.zip). They attempt to coerce the user into opening the attachment with phrasing such as “Good morning/evening, man! Really cool screensaver in your attachment!”, and use a variety of subject lines including ‘Life is beautiful’, ‘Life will be better’, ‘Good summer’ and ‘help you’.
Graham Cluley, senior technology consultant at Sophos, said hackers were using a mixture of social engineering and stealth-mode rootkits to try and take advantage of Windows users who “forget to think before they click”. He emphasised that users of Sophos anti-virus products have been defended against the attack since 27 July 2007.
“Hackers use rootkit technology to maintain access to a compromised computer without the user’s knowledge, so it’s important to be properly defended from these sort of threats.”
BitDefender’s Top 10 malware list for 1H 2007:
1. Trojan.Peed.Gen 27.19%
2. BehavesLike:Trojan.Downloader 21.4%
3. [email protected] 5.62%
4. Trojan.Peed.A 2.37%
5. [email protected] 1.87%
6. [email protected] 1.86%
7. Win32.Sality.M 1.85%
8. GenPack:Trojan.Downloader.Tibs.I 1.33%
9. Trojan.Peed.P 1.30%
10. [email protected] 1.22%