August 16, 2011 | San Diego, CA | Press Releases

July Threats: Global Top 3 in Firm Hold – INF/Autorun, Win32/Conficker and Win32/Sality

According to ESET's cloud-based malware collection system, the most wide-spread type of threat both in Europe (5.27 percent) and globally (6.51 percent) for the month of July was INF/Autorun. Another oldtimer, Win32/conficker, ranked as the most widespread malware for the last year, reaching a global infection rate of 3.88 percent (3.12 percent in Europe). Win32/Sality remained in the third spot for the second month in a row globally (2.03 percent). Third place in Europe went to HTML/IFrame.B.Gen (3.05 percent).

INF/Autorun is a label that describes a variety of malware that exploit the autorun.inf file in order to compromise a computer. This file contains information on programs meant to run automatically when removable media (often USB flash drives) are accessed by a Windows PC user. ESET security software heuristically identifies any type of malware that installs or modifies autorun.inf files.

Win32/Conficker is a network worm originally propagated by exploiting a vulnerability in the Windows operating system. Depending on the variant, it may also spread via unsecured shared folders and by removable media, making use of the Autorun facility enabled by default in older Windows OS (though not in Windows 7). Win32/Sality is a polymorphic file infector which, when executed, starts a service and creates and/or deletes registry keys related to security. Additionally, Win32/Sality triggers the start of malicious processes at each reboot of the operating system.

Win32/Dorkbot is a newcomer in the top ten (1.47 percent), and is especially prevalent in Latin America and the Caribbean. It is a worm that spreads via removable media. The worm contains a backdoor that allows it to be controlled remotely. The worm collects login user names and passwords when the unsuspecting user browses certain web sites. Then, it sends all the gathered information to a remote machine. A new form of malware ranked at number ten is VBS/StartPage.NDS (0.97 percent), a trojan that alters the home pages of certain web browsers.

Global Threats According to ESET ThreatSense.Net® (July 2011)


INF/Autorun is a mainstay in the top position in European threat statistics, also ranking as the most widespread malware in several European, African and Middle-Eastern countries including Spain (4.09 percent), Ukraine (5.67 percent), Israel (5.95 percent), and South Africa (10.12 percent). Number two in overall European statistics, Win32/Conficker (3.12 percent) was the top threat in Bulgaria (8.12 percent) and number two in Spain (3.11 percent).

The third most prevalent European malware was HTML/Iframe.B., which ranked number one in Russia with infection rate of 6.88 percent. HTML/ScrInject.B is especially widespread in Scandinavian countries, reaching number one in Norway (4.83 percent), Denmark (6.46 percent), Sweden (7.44 percent), and Finland (7.57 percent).

Threats in Europe According to ESET ThreatSense.Net® (July 2011)

About ThreatSense.Net®
ThreatSense.Net® is ESET's cloud-based malware collection system utilizing data from users of ESET solutions worldwide. This continual streaming of information provides ESET Virus Lab specialists with a real-time accurate snapshot of the nature and scope of global infiltrations. Careful analysis of the threats, attack vectors and patterns serves ESET to fine-tune all heuristic and signature updates
̶ to protect its users against tomorrow's threats.

About ESET
ESET is on the forefront of security innovation, delivering trusted protection to make the Internet safer for businesses and consumers. IDC has recognized ESET as a top five corporate anti-malware vendor and one of the fastest growing companies in its category. Trusted by millions of users worldwide, ESET is one of the most recommended security solutions in the world. ESET NOD32 Antivirus consistently achieves the highest accolades in all types of comparative testing, and powers the virus and spyware detection in ESET Smart Security and ESET Cybersecurity for Mac. Sold in more than 180 countries, ESET's global headquarters is in Bratislava, Slovakia, with distribution headquarters for North America located in San Diego, California. ESET also has offices in Buenos Aires, Prague, Krakow and Singapore and is represented by an extensive global partner network. For more information, visit or call +1 (619) 876-5400.