Upload
ngokhuong
View
212
Download
0
Embed Size (px)
Citation preview
10
NEWS
Attack data
APRIL 2007
AnalysisDavid Emm, senior technology consultant at Kaspersky Lab.
Trojan Downloaders• Trojans have grown in number in recent years and now make up
around 70% of malware. Indeed, they are now the weapon of choice for today’s malware authors and the criminal underground that sponsors them. The copy-book definition of a trojan is this: it’s a non-replicating program that appears to be legitimate but is designed to carry out some harmful action on the victim computer.
• Since trojans don’t have their own on-board replication capability, they’re often perceived as being less dangerous than viruses or worms.
• Yet their effects can be dangerous and very far-reaching. Not only have they increased in numbers in recent years. They have also become more sophisticated and they are being put to an increasing number of malicious uses.
• Trojan downloaders are typically written in script languages such as VBS or JavaScript, so they’re easy to write, and they often exploit browser vulnerabilities to carry out their function. As with other types of trojan, trojan downloaders operate silently, so as not to provide the innocent victim with any clues as to their existence or function. As such, they form one part of the hidden menace that
threaten us today.
Fifth Third Bank76.91 %
VolksBank1.39 %
Citibank19.86 %
Bank of America0.92 %
Others 0.92 %
Top five countries
1 Paypal Member
2 Dear Paypal Member
3 Paypal Notification
4 Attention Paypal Member
5 Paypal Member Notification
6 Update your account
7 Fifth Third Bank - urgent notification from Protection Department!
8 important information for Fifth Third Bank customers!
9 Important Banking Mail.
10 Fifth Third Bank: please read this message.
TOP BRANDS TARGETED BY PHISHING SCAMS: Source: McAfee
# Name % Category
1 Email-Worm.Win32.Mydoom.m 1.66 Email Worm
2 New! Trojan.Win32.Agent.qt 1.5 Trojan
3 Email-Worm.Win32.Rays 1.3 Email Worm
4not-a-virus:Monitor.Win32.
Perflogger.1631.2 Riskware
5 Email-Worm.Win32.Brontok.q 1.11 Email Worm
6 Trojan.Win32.Dialer.cj 0.99 Trojan
7 Backdoor.IRC.Zapchast 0.87Trojan Program:
Backdoor
8 not-a-virus:PSWTool.Win32.RAS.a 0.84 Riskware
9New! Trojan-Downloader.Win32.Small.
ddp0.8
Trojan Program:
Downloader
10New! Trojan-Downloader.Win32.
Nurech.at0.63
Trojan Program:
Downloader
11 New! Email-Worm.Win32.Warezov.lk 0.63 Email Worm
12New! not-a-virus:AdWare.Win32.
Virtumonde.ha0.55 AdWare
13 not-a-virus:Monitor.Win32.Perflogger.ad 0.54 Riskware
14 New! Net-Worm.Win32.Mytob.bi 0.52 Network Worm
15 New! Trojan-Downloader.Win32.Bagle.bp 0.51Trojan Program:
Downloader
16 Trojan-Spy.Win32.Bancos.zm 0.5Trojan Program:
Spyware
17 New! Trojan-Clicker.Win32.Small.kj 0.48Trojan Program:
Clicker
18 New! Email-Worm.Win32.Warezov.ls 0.47 Email Worm
19 Trojan-Downloader.Win32.Small.edb 0.46Trojan Program:
Downloader
20 Email-Worm.Win32.Mydoom.l 0.46 Email Worm
Other malicious programs 83.98
ONLINE TOP 20: DATA CAPTURED USING KASPERSKY LAB’S ONLINE SCANNER (www.kaspersky.co.uk/virusscanner)
Find out about the above listed malware in detail, visit www.viruslist.com/en/analysis?pubid=204791927.