Top 10 Malware threats in April 2008
12/05/08
Malware packers seem to have become the technique of choice for cyber
crooks, according to BitDefender. Three of the positions on BitDefender’s
April 2008 Top Ten Malware list are occupied by malware using the
same type of packer (NSAnti) – a device which has caused problems in
previous months.
"It seems repacking malware to attempt avoiding detection, rather
than spending time and energy writing new viruses from scratch is a
technique that's here to stay," said Sorin Dudea, Head of
BitDefender AV Research.
Straightforward packers aren't the only tools used for this purpose.
The fourth position on the list is a sophisticated malware loader,
dubbed “Loader.N” by BitDefender researchers. This runs, decrypts
and enables two other packed pieces of malware (a Trojan, Kobcka and
a Trojan, Downloader.Agent) which transforms the infected machine
into a spam relay.
"The loader serves two purposes: the encryption prevents antivirus
software from detecting the payload in transit, while the unpacking
and loading part ensures that at no point does the payload get
written to disk – eliminating another inception point," Dudea
explained. "Of course, the exercise is pointless, as we can still
detect the decryptor itself."
The rest of the top ten is, yet again, pretty well-populated with
mass mailer viruses, with the Cutwail Trojan, another tool turning
machines into spam bots, appearing in the 6th position.
BitDefender’s April 2008 Top 10 malware list includes:
1. Packer.Malware.NSAnti.AD 33.71%
2. Win32.Netsky.P@mm 7.48%
3. Win32.Worm.Sohanad.NAW 4.56%
4. Packer.Malware.NSAnti.AG 2.86%
5. Trojan.Loader.N 2.25%
6. Trojan.Dropper.Cutwail.F 2.04%
7. Win32.Netsky.AA@mm 1.98%
8. Win32.NetSky.D@mm 1.98%
9. Packer.Malware.NSAnti.Z 1.87%
10. Win32.Nyxem.E@mm 1.65%
11. OTHERS 39.62%
Nick Gibson, editor
