Viruses spread via web recorded at 8.4 percent in India
Kapersky, a developer of internet threat management solutions that protect against all forms of malicious software including viruses, spyware, hackers and spam, presents its monthly malware statistics for October 2009. As a result, the top twenties have changed somewhat, and the figures in both ratings this month are significantly higher, due to an increased numbers of users participating in KSN.
Net-Worm.Win32.Kido.ir, which made its first appearance last month, has replaced the traditional leader, Kido.ih. This demonstrates once again that infected removable media are a major source of infection.
Still on the subject of removable media, Autorun.dui, which appears regularly in the ratings, has been joined by a very similar program, Autorun.awkp, which entered in 9th place. These malicious programs, as the name suggests, automatically run malware on removable devices.
Packed.Win32.Black.a, Packed.Win32.Klone.bj and Trojan.Win32.Swizzor.b returned to the first top twenty this month. Moreover, Black.a has been joined by a new version Black.d. To recap, the Packed.Win32.Black family includes programs that have been packed with unlicensed versions of legitimate utilities used to protect executable files. In this particular case the packer is ASProtect, a utility often used by cybercriminals.
Malicious programs that spread via removable devices were again prevalent this month, and there was noticeable gaming Trojan activity (although this is has not yet reached significant levels). The top two positions have been claimed by new variants of Gumblar, a script Trojan-Downloader program. This program caused quite a stir at the end of May and went straight to the top of the ranking in June.
The technique of splitting a malicious script into several parts to hinder detection and analysis is becoming increasing popular. Around a quarter of the programs in this month's Top twenty have been designed in this way: Trojan-Downloader.JS.Zapchast.n, Trojan-Downloader.JS.Small.oj, Exploit.JS.Agent.apw, Trojan.JS.Zapchast.an, and Trojan-Downloader.JS.Agent.env.
This month has been characterized by the mass infection of legitimate websites with the Trojan-Downloader program Gumblar. The splitting of malicious scripts is also a marked trend.
Experts on SiliconIndia
Post your Comment
All form fields are required.