July Threats: Global Top 3 in Firm Hold – INF/Autorun, Win32/Conficker and Win32/Sality
For the month of July, INF/Autorun was the most widespread type of threat both in Europe (5.27%) and globally (6.51%). The malware stats are based on ESET’s cloud-based malware collection system. Another old-timer, Win32/Conficker, ranked as the most widespread malware for the last year, reaching a global infection rate of 3.88% (3.12% in Europe). Win32/Sality remained in the third spot globally for the second month in a row (2.03%). Third place in Europe went to HTML/IFrame.B.Gen (3.05%).
INF/Autorun is a label that describes a variety of malware exploiting the autorun.inf file as a way to compromise a computer. This file contains information on programs meant to run automatically when removable media (often USB flash drives) are accessed by a Windows PC user. ESET security software heuristically identifies any type of malware that installs or modifies autorun.inf files.
Win32/Conficker is a network worm originally propagated by exploiting a vulnerability in the Windows operating system. Depending on the variant, it may also spread via unsecured shared folders and by removable media, making use of the Autorun facility enabled by default in older versions of Windows (though not in Windows 7). Win32/Sality is a polymorphic file infector which, when executed, starts a service and creates and deletes registry keys related to security. What’s more, it triggers the start of a malicious process at each reboot of the operating system.
Win32/Dorkbot is a newcomer in the top ten (1.47%), especially prevalent in Latin America and the Caribbean. It is a worm that spreads via removable media. The worm contains a backdoor that allows it to be controlled remotely. The worm collects login user names and passwords when the unsuspecting user browses certain web sites. Then, it sends all the gathered information to a remote machine. A new form of malware, ranked number ten, is VBS/StartPage.NDS (0.97%). It is a trojan that alters the home pages of certain web browsers.
Global Threats According to ESET ThreatSense.Net® (July 2011)
EUROPE, MIDDLE EAST, AFRICA (EMEA)
INF/Autorun is a mainstay in the top position in the European threat statistics, also ranking as the most widespread malware in several European, African and Middle-Eastern countries including Spain (4.09%), Ukraine (5.67%), Israel (5.95%), and South Africa (10.12%). Win32/Conficker (3.12%), number two overall in the European statistics, was the top threat in Bulgaria (8.12%) and number two in Spain (3.11%).
European malware number three was HTML/Iframe.B., which became number one in Russia with an infection rate of 6.88%. HTML/ScrInject.B is especially widespread in Scandinavian countries, reaching number one in Norway (4.83%), Denmark (6.46%), Sweden (7.44%), and Finland (7.57%).
Threats in Europe According to ESET ThreatSense.Net® (July 2011)
ThreatSense.Net® is ESET’s cloud-based malware collection system utilizing data from users of ESET solutions worldwide. This continual streaming of information provides ESET Virus Lab specialists with an accurate real-time snapshot of the nature and scope of global infiltrations. Careful analysis of the threats, attack vectors and patterns helps ESET fine-tune all heuristic and signature updates to protect its users against tomorrow’s threats.
Founded in 1992, ESET is a global provider of security solutions for businesses and consumers. The Company pioneered, and continues to lead, the industry in proactive threat detection. ESET NOD32 Antivirus holds the world record for the number of Virus Bulletin “VB100” Awards, and has never missed a single “In-the-Wild” worm or virus since the inception of testing in 1998. ESET NOD32 Antivirus, ESET Smart Security and ESET Cybersecurity for Mac are trusted by millions of global users and are among the most recommended security solutions in the world.
The Company has global headquarters in Bratislava (Slovakia), with regional distribution centers in San Diego (U.S.), Buenos Aires (Argentina), and Singapore. ESET has malware research centers in Bratislava, San Diego, Buenos Aires, Prague (Czech Republic), Krakow (Poland), Montreal (Canada), Moscow (Russia), and an extensive partner network for 180 countries.