Articles

June 13, 2012 | Bratislava | Press Releases

May Threats: INF/Autorun Returns to Top Spot

ESET Security Expert Stephen Cobb: “Good news - Flamer malware is not likely to be headed your way any time soon”

Throughout May, HTML/ScrInject.B was dethroned as top malware worldwide and Europe making the way for the big comeback of INF/Autorun – with a 6.36% infection rate globally and 4.99% in Europe. ESET malware statistics based on ESET Live Grid® - a cloud-based malware collection system utilizing data from users of ESET solutions worldwide has put HTML/Iframe.B in second spot, both in the world (4.84%) and in Europe (4.81%). HTML/ScrInject.B was recorded in third position with 4.09% infection rate worldwide and 4.35% in Europe.


INF/Autorun stands for a variety of malware using the file autorun.inf as a way of compromising a PC. This file contains information on programs meant to run automatically when removable media (often USB flash drives) are accessed by a Windows PC user. HTML/Iframe.B denotes a generic detection of malicious IFRAME tags embedded in HTML pages, which redirect the browser to a specific URL location containing malicious software. HTML/ScrInject.B is a generic detection of HTML web pages containing an obfuscated script or iframe tag that automatically redirects the user to the malware download.


Flame/Flamer or Win32/Flamer.A. as ESET refers to this very complex form of malware has been an interesting piece of malware intercepted by our malware research lab. “About the only good news is that Flamer, the latest piece of state-sponsored digital terrorism to come to light, is not likely to be headed your way any time soon. It is unlikely that you are the target of Flamer unless you are an official in a Middle Eastern government or working on weapons research for such a government," says ESET‘s Security Evangelist Stephen Cobb. Flamer is not “out there” on the Internet right now, spreading from country to country. Users are not likely to find Flamer attached to an email in your Outlook Inbox (USB flash drives seem to be Flamer’s infection vector of choice). And if they are using a good antivirus product, it is now protecting you from Flamer. All the major AV products were quickly updated to detect Flamer and the better ones will now have generic detection of this malware that operates on “Flamer-like” characteristics.


“Perhaps more important, and this needs to be stressed, organizations that follow information security best practices, such as deploying endpoint security with device controls to prevent malware infection spreading viaUSB flash drives, are well-defended against most of the malicious software attacks they are likely to encounter today,”
adds Cobb, based out of ESET’s North American center in San Diego. In one recent study, it was found that over 90 percent of security breaches could have been prevented with simple, cheap, or intermediate measures. This is good news for companies and consumers that are striving to align themselves with security best practices  to defend againstmalware.


For more on the Flamer threat  go to Stephen Cobb’s blogpost “Stuxnet, Flamer, Flame, Whatever
Name: There’s No Good Malware” on ESET.com.

 

Global Threats According to ESET Live Grid® Statistics (May 2012)



Threats in Europe According to ESET Live Grid® Statistics (May 2012)

 



About ESET Live Grid®

ESET Live Grid® is ESET’s cloud-based malware collection system utilizing data from users of ESET solutions worldwide.  This continual streaming of information provides ESET Malware Lab specialists with  real-time accurate snapshot of the nature and scope of global infiltrations. Careful analysis of the threats, attack vectors and patterns serves ESET to fine-tune all heuristic and signature updates   ̶ to protect its users against tomorrow’s threats.


About ESET

Founded in 1992, ESET is a global provider of security solutions for businesses and consumers. The Company pioneered, and continues to lead, the industry in proactive threat detection. ESET NOD32 Antivirus holds the world record for the number of Virus Bulletin "VB100” Awards, and has never missed a single “In-the-Wild” worm or virus since the inception of testing in 1998. ESET NOD32 Antivirus, ESET Smart Security and ESET Cybersecurity for Mac are trusted by millions of global users and are among the most recommended security solutions in the world.

The Company has global headquarters in Bratislava (Slovakia), with regional distribution centers in San Diego (U.S.), Buenos Aires (Argentina), and Singapore. ESET has malware research centers in Bratislava, San Diego, Buenos Aires, Prague (Czech Republic), Krakow (Poland), Montreal (Canada), Moscow (Russia), and an extensive partner network for 180 countries.