BitDefender - Peer-to-Peer Platforms Lead in the Spread of Malware in BitDefender’s January Top Ten E-Threat Report

Autorun and JavaScript – this month’s main vectors of infection

BitDefender^®,
an award-winning provider of innovative anti-malware security
solutions, today announced January’s top ten e-threats. Leading the way
this month is Trojan.Clicker.CM with 8.30 percent of the total amount
of infected computers. Trojan.Clicker.CM is mostly found on file
sharing websites such as torrent portals, “warez” communities and other
services hosting pirated content. This Trojan is a small script which
forces advertisements in your browser. While some of the advertisements
are related to free online games, others may expose the computer user
to pornography or other types of inappropriate content.

At 8.17 percent, the second e-threat on January’s Top Ten is
Trojan.AutorunInf.Gen, a generic mechanism to spread malware using
removable devices such as flash drives, memory cards or external
hard-disk drives. “Two of the most famous families of malware,
Win32.Worm.Downadup and Worm.Zimuse, also employ this approach to
infect systems,” said Catalin Cosoi, BitDefender’s senior antispam
researcher. “While these removable devices might offer an easy solution
when it comes to data transportation, they may also easily harm the
computer if used carelessly. Libraries, copy shops, internet cafes and
other public hotspots are usually the most notorious sources of
infection,” added Cosoi.

Ranking third in this month’s report, Win32.Worm.Downadup.Gen is
responsible for 6.18 percent of the global infections. Exploiting a
Microsoft Windows vulnerability, this worm spreads on other computers
in the local network and restricts users’ access to Windows Update and
security vendors’ web pages. Newer variants of the worm also install
rogue antivirus applications, among others. The worm’s persistence
after more than one year since its original appearance reveals that
most users are reluctant to update both the operating system and their
locally-installed antimalware solution.

BitDefender’s fourth e-threat for January is Exploit.PDF-JS.Gen, with
5.76 percent of the total amount of infections. This generic detection
deals with malformed PDF files exploiting different vulnerabilities
found in Adobe PDF Reader's Javascript engine in order to execute
malicious code on users’ computer. Upon opening an infected PDF file, a
specially crafted Javascript code triggers the download and automatic
execution of malicious binaries from remote locations.

Ranking fifth with 4.30 percent of the global infections,
Trojan.Wimad.Gen.1 is mostly found on Torrent websites disguised as an
episode of your favorite television series or film that has not been
aired yet. These fake video files are able to connect to a specific URL
and download malware, posing as the appropriate codec required for
playing the file. Trojan.Wimad.Gen.1 is particularly active when
box-office titles are expected to appear on file-sharing websites.

BitDefender’s full list of January 2010’s Top Ten E-Threats include:

1 Trojan.Clicker.CM 8.30
2 Trojan.AutorunINF.Gen 8.17
3 Win32.Worm.Downadup.Gen 6.18
4 Exploit.PDF-JS.Gen 5.76
5 Trojan.Wimad.Gen.1 4.30
6 Win32.Sality.OG 2.73
7 Trojan.Autorun.AET 2.01
8 Worm.Autorun.VHG 1.69
9 Trojan.Script.254568 1.40
10 Trojan.JS.QAF 1.40
OTHERS 58.01

Source