Dedicated To Virus Alerts & Software Information, Featuring News, Press Releases, IT Directory & Links
Sunbelt Software Revises Top 10 Malware Threats List for December
Published 11th January 2010
Removes “Fast Browser Search” and no longer categorises it as a threat to users
Clearwater, Fla. – January 11, 2010 – Sunbelt Software, a leading provider of Windows security software, today announced an update to its list of the top 10 most prevalent malware threats for the month of December 2009, removing “Fast Browser Search” altogether. The report, compiled from monthly scans performed by Sunbelt's award-winning anti-malware solution, VIPRE® Antivirus + Antispyware, and its antispyware tool, CounterSpy®, is a service of SunbeltLabs™.
Sunbelt had categorised earlier versions of Fast Browser Search (which is
installed as part of MyWebTattoo) as malware, but having reviewed the latest version of this software – which now addresses Sunbelt’s primary concerns with prior versions – Fast Browser Search has been de-listed from the VIPRE detections database. Sunbelt no longer considers Fast Browser Search to be any kind of malware or other type of software that users should block or remove.
In December, the malware landscape remained remarkably similar to November, according to Sunbelt Software ThreatNet statistics. In both months, six of the top 10 detections were Trojan horse programs. The top detection for December, Trojan.Win32.Generic!BT, a generic detection for Trojans, made up 18.69 percent of detected malware in the month. It had also been the top detection in November.
“When nearly 20 percent of our detections for the month are a ‘bulk’ detection like this, it is evident that Trojans are still a huge threat today. They’re being used to download a lot of malware, including rogue security products, bot installers and spyware that steal banking passwords,” said Michael St. Neitzel, Sunbelt Software vice president of Threat Research.
After holding the top spot on the list for most of 2009, the password-stealing Trojan-Spy.Win32.Zbot.gen held the second position on the list for the second consecutive month, increasing from 6.0 to 6.23 percent of all detections.
Meanwhile, two new detections moved onto this month's top 10 list. Trojan.Win32.Malware – a generic detection of malware that is associated with Trojan horse programs - with 2.23 percent of overall detections, and FraudTool.Win32.RogueSecurity (v), a rogue security program, at 0.75%.
“Malicious operators have been using Search Engine Optimisation (SEO) techniques in order to lure victims to malicious sites that download Trojans. Their sites place in the top hits in many online search engines when Internet users go looking for current topics in the news,” St. Neitzel said.
Some of the most dangerous web searches in December were:
-- “Brittany Murphy” (leads to redirect sites selling rogues)
-- “chromium os download” (leads to rogue download sites)
-- “New Year’s Parades”
-- “Tiger Woods car crash” (sites offer videos with Trojanised video viewers)
-- “Tiger Woods rumors”
The top 10 results represent the number of times a particular malware infection was detected during VIPRE and CounterSpy scans that report back to Sunbelt’s community of opt-in users. These threats are classified moderate to severe based on method of installation among other criteria established by SunbeltLabs. The majority of these threats propagate through stealth installations or social engineering.
The top 10 most prevalent malware threats for the month of December are:
1. Trojan.Win32.Generic!BT 18.69%
2. Trojan-Spy.Win32.Zbot.gen 6.23%
3. Trojan.Win32.Generic!SB.0 4.09%
4. Exploit.PDF-JS.Gen (v) 3.31%
5. Trojan.ASF.Wimad (v) 2.42%
6. Trojan.Win32.Malware 2.23%
7. INF.Autorun (v) 1.62%
8. BehavesLike.Win32.Malware (v) 1.18%
9. Trojan.Malware 0.94%
10. FraudTool.Win32.RogueSecurity (v) 0.75%
About SunbeltLabs
SunbeltLabs specialises in the discovery and analysis of dangerous vulnerabilities (i.e., security holes, bugs, maligned features or combination of operations) that could be exploited for Internet and email attacks. The research team actively researches new malware outbreaks, creating and testing new threat definitions on a constant basis. For detailed threat research information and to view the top 10 threats in real time please visit SunbeltLabs at http://www.sunbeltsecurity.com.
About Sunbelt Software
Headquartered in Tampa Bay (Clearwater), Fla., Sunbelt Software was founded in 1994 and is a leading provider of Windows security software including enterprise antivirus, antispyware, email security, and malware analysis tools. Leading products include the VIPRE® and CounterSpy® product lines, Sunbelt Exchange Archiver™, CWSandbox™, and ThreatTrack™.
For more information about Sunbelt Software, please visit the company’s website at: http://www.sunbeltsoftware.com. To learn more about current activities, products, and ideas at Sunbelt Software, please visit Sunbelt’s corporate blog at http://www.sunbeltblog.com.