Top 10 Malware Threats for September

GFI Software today announced the top 10 most prevalent malware threats for the month of September 2010.

The statistics for the month of September show a staggeringly consistent attack primarily by the same Trojan horse programs that have persisted for several months. Several of the top threats were unchanged from the past two months. Trojans detected as Trojan.Win32.Generic!BT were still the highest detection, slightly down to 23.54 percent of total detections. This generic detection includes more than 120,000 traces of malicious applications and has been in the top spot for many months: in August, with 25.11 percent, in July with 29.08 percent and in June with 27.16 percent of the total detections.

The number two detection has not changed rankings from last month either. Trojan-Spy.Win32.Zbot.gen is a detection of password-stealing Trojans with many versions. The third largest detection, Trojan.Win32.Generic!SB.0, moved up from fifth place last month and is the generic detection for password-stealing Trojan horse programs. These install key loggers which record keystrokes and send the data to the malicious operators who distribute the malware.

“These detections are evidence of the activities of botnet operators. They use their networks to pump out the spam that’s intended to infect machines,” said Francis Montesino, manager of the malware processing team, GFI Labs.

“Trojan.HTML.FakeAlert.e (v), which is in the number seven spot, is a detection for malicious Web pages that display false warnings to scare victims into downloading malware – commonly referred to as rogue security products or “scareware,” said Tom Kelchner, research center manager, GFI Labs.

The Top 10 Malware threats for the month of September 2010 as reported by GFI Labs are:

1. Trojan.Win32.Generic!BT [23.54%]

2. Trojan-Spy.Win32.Zbot.gen [4.27%]

3. Trojan.Win32.Generic!SB.0 [4.06%]

4. Trojan.Win32.Generic.pak!cobra [3.04%]

5. INF.Autorun (v) [2.3%]

6. Worm.Win32.Downad.Gen (v) [1.44%]

7. Trojan.HTML.FakeAlert.e (v) [1.09%]

8. PlaySushi [1.08%]

9. FraudTool.Win32.FakeAV.gen!droppedData (v) [0.91%]

10. Trojan.Win32.Malware.a [0.83%]

The top 10 results represent the number of times a particular malware infection was detected during GFI’s VIPRE and CounterSpy scans that report back to GFI’s community of opt-in users. These threats are classified as moderate to severe based on method of installation among other criteria established by GFI Labs.