January 20, 2009 | Bratislava | Press Releases

Worm exploiting vulnerability in the Windows operating system among top threats

Analysis of ESET'S ThreatSense.Net® shows that throughoutthe last month of '08, the highest number of detections (10,64%) was scored bythe INF/Autorun class of threat. ESET has been detecting very high volumes ofmalware using the Windows Auto facility for well over a year, along with onlinegaming password-stealing malware. Even in ‘09 we cannot expect a decrease inthe volumes of these kinds of infiltrations. In December '08 the Trojan Win32/PSW.OnLineGames stealing gaming codeand passwords has placed second in occurrence with 6,84%.

Win32/Confickeris a new addition to theregular malware charts - placing third with (3,90%)  constituting a network worm which can becontrolled remotely by an attacker, spreading and exploiting a knownvulnerability in the Windows RPC subsystem. Conficker tries to downloadadditional malware likely to be connected with adware. In addition, it shutsdown the Windows firewall and starts an http server on a random port.   While ESET has effective detection ofConficker, it's important for end users to ensure that their systems areupdated with the Microsoft patch.

Win32/Agenthas moved up in theranking to be among the first five threats in the frequency of occurrence with3,01% infiltrations worldwide. It denotes members of a broad malware familycapable of stealing user information from infected PCs. Throughout December'08, a Potentially Unwanted Application -   Win32/Toolbar.MyWebSearch has remained among themost widespread viruses, with (3,00%). It constitutes a toolbar which includesa search function that directs searches through MyWebSearch.com.

<img src=Pictures/threatsense12.JPG</buxus-image> />