European PCs under attack by removable media malware
For the month of May, 2010, ESET ThreatSense.Net®, a unique in-the-cloud malware collection system has evaluated Win32/Conficker as the top threat with a global share of 9.12%. ESET ThreatSense.Net® tabulates data based on intercepted malware on the computers of users of ESET Smart Security and ESET NOD32 Antivirus security products/suites.
The second highest ranking behind Win32/Conficker belongs to variants of trojan horses, commonly labeled as INF/Autorun with 8.06% global share. Detections of the autorun exploit undersoring this malware as a popular conduit for compromising a PC. This file contains information on programs designed to run automatically when removable media are accessed by a Windows PC user (often in the form of USB flash drives). In Europe, we are witnessing a rise of this type of detection rivaling the traditionally dominant Conficker worm.
Win32/PSW.OnLineGames was evaluated as the third most widespread threat worldwide with a global share of 4.29%. Its share is slightly decreasing in Europe, where it remains the top threat only in Poland.
Win32/Sality, a polymorphic file infector, placed as No.6 in May with relatively high share of 1.36%. Win32/Sality is a family of polymorphic file infectors that target Windows executable files with extensions .SCR or .EXE. They may execute a damaging payload that deletes files with certain extensions and terminates security-related processes and services.
ESET ThreatSense.Net® (May 2010)
EUROPE, MIDDLE EAST and AFRICA (EMEA)
Win32/Conficker as the most widespread threat globally is also a top threat in some EMEA countries, even if its share is decreasing. It has significant share in the Ukraine (13.85%) or Russia (11.,31%). It is also No.1 malware in Ireland (15%), United Kingdom (8.04%), the Czech Republic (8.41%), the Netherlands (5.92%), as well as Egypt (11.53%), Finland (7.79%) and Germany (11.81%).
Variants of INF/Autorun were among the most detected infiltrations in Spain (10.85%), Lithuania (9.72%), Slovakia (9.61%), France (7.47%), Saudi Arabia (7.18%), Slovenia (6.70%) and Israel (5.75%). Overall, this type of malware was the second most detected threat with a rising trend in almost all EMEA countries. It has reached a share of more than 7% in Poland, Ukraine, Armenia, Russia and Egypt. Moreover, it placed in the top 5 threats with 2-7% share in the Czech Republic, Finland, Norway, UK, Turkey, Ireland and Germany.
Win32/Agent is a type of threat that is from the regional point of view mostly prevalent in the Nordic countries – Norway 4.75%, Denmark 5.79% and Estonia 5.55%. It is also a top threat in Hungary (6.31%) and Austria (6.34%).
ThreatSense.Net® is ESET’s in-the-cloud malware collection system utilizing data from users of ESET solutions worldwide. This continual streaming of information provides ESET Virus Lab specialists with a real-time accurate snapshot of the nature and scope of global infiltrations. Careful analysis of the threats, attack vectors and patterns serves ESET to fine-tune all heuristic and signature updates ̶ to protect its users against tomorrow’s threats.
Founded in 1992, ESET is a global provider of security solutions for the home and business segment. The industry leader in proactive malware detection, ESET's NOD32 antivirus holds the world record for the number of Virus Bulletin "VB100 Awards," never to have missed a single “In-the-Wild” worm or virus since the inception of testing in 1998.
ESET has headquarters in Bratislava, Slovakia and offices in San Diego, USA; Buenos Aires, Argentina; Prague, Czech Republic, and an extensive partner network in 160 countries. In 2008, ESET has opened a new research center in Krakow, Poland. ESET was named by Deloitte’s Technology Fast 500 as one of the fastest-growing technology companies in the region of Europe, Middle East and Africa.