Top 3 Global Threats: Malware Family Capable of Stealing User Information
The data from ESET’s in-the-cloud malware collection system ThreatSense.Net® shows the new trend in the month of April when <a target="_blank" href=
After a long lead, <a target="_blank" href=
The top-most spread Internet malware include <a target="_blank" href=
In the top 10 global malware ranking in April, we also find Win32/Packed.FlyStudio.O.Gen (1.34%). Flystudio O.Gen denotes detections for obfuscated FlyStudio executables, which are not always malicious: sometimes obfuscation is used as a means of legitimate digital rights management (DRM) by hampering attempts at malicious reverse engineering. However, the use of packers and obfuscators has been a fairly reliable indicator of malicious intent for some years now, and some vendors detect almost any obfuscated code as malicious or potentially malicious. <a target="_blank" href=
ESET ThreatSense.Net® (April 2010)
Europe, Middle East and Africa (EMEA)
Win32/Conficker remains the top threat with high shares almost in each country of the region. In April, it had the highest ranking in Ukraine (15.05%), Bulgaria (14.28%), Romania (13.91%), Russia (12.12%), Germany (11.63%), Finland (11.36%), Serbia (9.84%), United Kingdom (9.74%), Italy (9.02%), Czech Republic (6.44%) or Hungary (5.85%).
The rise of the Win32/Agent label is marked in the majority of EMEA countries where it places within the top 3 and is the top-most threat in Denmark (5.91%), Austria (5.87%) and Norway (4.31%).
INF/Autorun is used to describe a variety of malware using the file autorun.inf as a way of compromising a PC. This file contains information on programs meant to run automatically when removable media (often USB flash drives) are accessed by a Windows PC user. The label is the most widespreadmalware in the Republic of South Africa (12.26%), Spain (11.67%), United Arab Emirates (9.36%), France (8.30%), Greece (5.98%), Latvia (5.81%), Slovakia (5.52%) and Israel (5.35%).
There are a few regional exceptions with different malware ranking at No.1 compared to the global ranking. Win32/Injector denoting variants of password and other sensitive information-stealing Trojans is the top-most Internet malware in Estonia (7.13%) and Belgium (4.84%).
In April, Win32/TrojanDownloader.Unruy was the No.1 threat in Slovenia. This UPX-compressed Trojan has even registered a 1% increase from the previous month, with a total of 5.84% of all malware detections in Slovenia.
Founded in 1992, ESET is a global provider of security solutions for the home and business segment. The industry leader in proactive malware detection, ESET's NOD32 antivirus holds the world record for the number of Virus Bulletin "VB100 Awards," never to have missed a single “In-the-Wild” worm or virus since the inception of testing in 1998. ESET has headquarters in Bratislava, Slovakia and offices in San Diego, USA; Buenos Aires, Argentina; Prague, Czech Republic, and an extensive partner network in 160 countries. In 2008, ESET has opened a new research center in Krakow, Poland. ESET was named by Deloitte’s Technology Fast 500 as one of the fastest-growing technology companies in the region of Europe, Middle East and Africa.
ThreatSense.Net® is ESET’s in-the-cloud malware collection system utilizing data from users of ESET solutions worldwide. This continual streaming of information provides ESET Virus Lab specialists with a real-time accurate snapshot of the nature and scope of global infiltrations. Careful analysis of the threats, attack vectors and patterns serves ESET to fine-tune all heuristic and signature updates ̶ to protect its users against tomorrow’s threats.