Analysis of ESET’s ThreatSense.Net , a sophisticated malware reporting and tracking system, shows that the highest number of detections in April, with almost 8,70% of the total, was scored by the Win32/Conficker class of threat. It is a network worm originally propagated by exploiting a recent vulnerability in the Windows operating system. Depending on the variant, it may also spread viac unsecured shared folders and by removable media, making use of the Autorun facility enabled at present by default in Windows (though Microsoft have announced that it won’t be enabled in Windows 7).
INF/Autorun takes the second place with 8,55% of all detected threats. This detection label is used to describe a variety of malware using the file autorun.inf as a way of compromising a PC.
The No.3 in April chart of topmost malware is the family of Trojans with keylogging and (sometimes) rootkit capabilities which gather information relating to online games and credential for participating labeled by ESET as Win32/PSW.OnLineGames (7,01%).
Next down on the list is Win32/Agent (3,51%). ESET describes this detection of malicious code as generic, as it describes members of a broad malware family capable of stealing user information from infected PCs. The Win32/TrojanDownloader ranked as No.5 in April with 1,03% designates a broad class of malware commonly used to download and install other malicious components on an infected computer, and includes the currently prevalent Win32/TrojanDownloader.Wigon and Win32/TrojanDownloader.Swizzor.
Global Threats According to ESET ThreatSense.Net® (April 2009)
Europe, Middle East and Africa (EMEA)
Central Europe was under the siege of one of the members of the Win32/TrojanDownloader’s family. Trojan horse Win32/TrojanDownloader.Wigon was the top threat in Slovakia (5,58%), Czech Republic (8,51%) and Hungary (6,14%).
Users in the northern part of Europe were most often threatened by media trojan WMA/TrojanDownloader.GetCodec.Gen. This threat has reached 3,68% in Sweden, 6,79% in Denmark and 8,82% in Norway. Finland, together with the countries of Eastern Europe has achieved the largest share of Win32/Conficker. While in Finland the share of dangerous worm has reached 8,80% or 9,59% in Bulgaria and 10,24% in Romania, Conficker has a strong position in Russia (18,47%) and in Ukraine (24,63%).
The computer threats labeled as Win32/Genetik (the heuristic detection) were strongly present in Estonia (4,86%) and Latvia (4,45%), while in Lithuania INF / Autorun prevailed with 5,56%, in South Africa with 8,97% and in Israel with 4,60%. Same as in the previous month the topmost threat in the United Kingdom was Win32/Toolbar.MyWebSearch (5.79%).
In other major European countries we find Win32/PSW.OnLineGames. For example, in France the proportion of the threat was 12,26% or 11,04% in Poland.
Founded in 1992, ESET is a global provider of security solutions for enterprises and consumers. ESET is a market leader in proactive detection of malware. Thanks to its ThreatSense.Net® technology, it is able to collect data on a volunteer basis from users all around the world, alowing it to react flexibly to emerging threats. It‘s ESET NOD32 Antivirus has been ranked by the independent AV-Comparatives testing lab as the best antivirus product worldwide (2006, 2007). ESET’s Headquarters are in Bratislava, SK; and has branches in San Diego, USA; Prague, Czech Republic and Buenos Aires, Argentina and has an extensive partner network in 160 countries. In 2008, ESET has opened a new research center in Krakow, Poland. ESET was named to Deloitte’s Technology Fast 500 one of the fastest-growing technology companies in the region of Europe, Middle East and Africa.