Virus Threats

As in previous months, this malware rating is compiled from data generated by the Kaspersky Security Network (KSN). However, slightly different methods have been used to select and analyze the data. As before, two Top Twenties have been compiled from the data generated by KSN. The first Top Twenty lists malicious programs, adware and potentially unwanted programs that were detected and neutralized when accessed for the first time, i.e. by the on-access scanner. Using on-access statistics makes it possible to analyze the most recent, most dangerous and most widespread malicious programs that were blocked when launched on users’ computers or when downloaded from the Internet.

Position Name
1 Net-Worm.Win32.Kido.ih
2 Virus.Win32.Sality.aa
3 Trojan-Dropper.Win32.Flystud.ko
4 Trojan-Downloader.Win32.VB.eql
5 Worm.Win32.AutoRun.dui
6 Trojan.Win32.Autoit.ci
7 Virus.Win32.Virut.ce
8 Worm.Win32.Mabezat.b
9 Net-Worm.Win32.Kido.jq
10 Virus.Win32.Sality.z
11 Trojan-Downloader.JS.LuckySploit.q
12 Virus.Win32.Alman.b
13 Packed.Win32.Black.a
14 Net-Worm.Win32.Kido.ix
15 Worm.Win32.AutoIt.i
16 Trojan-Downloader.WMA.GetCodec.u
17 Packed.Win32.Klone.bj
18 Email-Worm.Win32.Brontok.q
19 Worm.Win32.AutoRun.rxx
20 not-a-virus:AdWare.Win32.Shopper.v

Even though the way in which threats were analysed changed, this had no influence on the leader of this ranking: Net-Worm.Win32.Kido.ih remained in first place. Two more modifications of the worm, Kido.jq and Kido.ix, also appeared in the rating. Kido is so well represented because this family of malware can spread in varied ways, including via removable media, which are then connected to unprotected computers.
Two worms from the AutoRun family, AutoRun.dui and AutoRun.rxx, also made it into the ranking by spreading in the same way.
Trojan-Downloader.JS.LuckySploit.q is an interesting script Trojan that is frequently used by cybercriminals; there are further details later in this report.
In twentieth place is an adware program, Shopper.v. It’s one of the most common programs of its type (the development company, Zango, formerly Hotbar, shut down a few months ago). The application installs various toolbars to the browser and mail client and uses them to display advertising banners. Removing the toolbars can be difficult.

The second Top Twenty presents data generated by the web antivirus component and reflects the online threat landscape. This ranking includes malicious programs detected on web pages and malware that attempted to load from web pages. In other words, the second ranking answers two questions: “What malware most often infects web pages?” and “Which malicious programs are most often downloaded – with or without the user’s knowledge – from malicious or infected pages?”

Position Name
1 Trojan-Downloader.JS.Gumblar.a
2 Trojan-Downloader.JS.Iframe.ayt
3 Trojan-Downloader.JS.LuckySploit.q
4 Trojan-Clicker.HTML.IFrame.kr
5 Trojan-Downloader.HTML.IFrame.sz
6 Trojan-Downloader.JS.Major.c
7 Trojan-Downloader.Win32.Agent.cdam
8 Trojan-Clicker.HTML.IFrame.mq
9 Trojan.JS.Agent.aat
10 Trojan.Win32.RaMag.a
11 Trojan-Clicker.SWF.Small.b
12 Packed.JS.Agent.ab
13 Trojan-Downloader.JS.Agent.czm
14 Exploit.JS.Pdfka.gu
15 Trojan-Clicker.JS.Agent.fp
16 Trojan-Dropper.Win32.Agent.aiuf
17 Exploit.JS.Pdfka.lr
18 not-a-virus:AdWare.Win32.Shopper.l
19 not-a-virus:AdWare.Win32.Shopper.v
20 Exploit.SWF.Agent.az

The top position is rightfully occupied by Gumblar.a, a Trojan-Downloader program, which is an excellent example of malware used in drive-by downloads. Gumblar.a is a small encrypted script which, when executed, redirects the user to a malicious website. A series of vulnerabilities is then exploited to download a malicious executable file from the website and install it on the user’s computer.
Once installed, the file affects the user’s web traffic by modifying Google search results. It also searches the computer for passwords to FTP servers in order to infect them. The result is a botnet of infected servers created by cybercriminals, which can be used to download any type of malicious program to users’ computers. The number of infected servers is enormous and, furthermore, the malware is still spreading to unprotected computers.
Another notable example of drive-by download malware is a Trojan-Downloader program, LuckySploit.q, which is in third place in the second ranking and is also present in the first Top Twenty.
This is a skillfully obfuscated script, which first harvests browser configuration data from the user’s computer. It then encrypts the data using an RSA public key and sends it to a malicious website. The data is decrypted on the server using the private RSA key and a selection of scripts (browser configuration dependent) is returned to the user. The scripts exploit vulnerabilities on the victim machine and download malicious programs to it. In addition to everything else, this multi-step approach seriously hinders analysis of the original script that harvests browser information: if the server that decrypts the data is not accessible, it is impossible to find out which scripts will be returned in any particular case.
A number of malicious programs exploit vulnerabilities in products from major vendors. The presence of such exploits as Trojan-Clicker.SWF.Small.b, Exploit.JS.Pdfka.gu, Exploit.JS.Pdfka.lr and Exploit.SWF.Agent.az in the ranking is testimony both to the popularity and to the vulnerability of Adobe Flash Player and Adobe Reader. Vulnerabilities in Microsoft products are also actively exploited: Trojan-Downloader.JS.Major.c attempts to exploit several vulnerabilities in different Windows and Microsoft Office components simultaneously. Recently there has been a clear trend for cybercriminals to use a range of sophisticated drive-by downloads to install malware on victim machines. Overall, cybercriminals are becoming increasingly Web-oriented.
This makes it particularly important for users to update their operating systems and application software regularly and to keep their antivirus solutions up-to-date.
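
The family and platform observations made above can be checked directly against the two lists. The following is an added example, not code from the original report: it assumes the detection names follow the layout `[prefix:]Behaviour.Platform.Family[.variant]` visible in both rankings, and the function names are hypothetical.

```python
import re
from collections import Counter, defaultdict

# Assumed name layout, read off the lists: [prefix:]Behaviour.Platform.Family[.variant]
NAME_RE = re.compile(
    r"^(?:(?P<prefix>[\w-]+):)?(?P<behaviour>[A-Za-z-]+)\."
    r"(?P<platform>\w+)\.(?P<family>\w+)(?:\.(?P<variant>\w+))?$")

# The two Top Twenty lists, copied from the article in rank order.
ON_ACCESS = """
Net-Worm.Win32.Kido.ih Virus.Win32.Sality.aa Trojan-Dropper.Win32.Flystud.ko
Trojan-Downloader.Win32.VB.eql Worm.Win32.AutoRun.dui Trojan.Win32.Autoit.ci
Virus.Win32.Virut.ce Worm.Win32.Mabezat.b Net-Worm.Win32.Kido.jq
Virus.Win32.Sality.z Trojan-Downloader.JS.LuckySploit.q Virus.Win32.Alman.b
Packed.Win32.Black.a Net-Worm.Win32.Kido.ix Worm.Win32.AutoIt.i
Trojan-Downloader.WMA.GetCodec.u Packed.Win32.Klone.bj
Email-Worm.Win32.Brontok.q Worm.Win32.AutoRun.rxx
not-a-virus:AdWare.Win32.Shopper.v""".split()
WEB = """
Trojan-Downloader.JS.Gumblar.a Trojan-Downloader.JS.Iframe.ayt
Trojan-Downloader.JS.LuckySploit.q Trojan-Clicker.HTML.IFrame.kr
Trojan-Downloader.HTML.IFrame.sz Trojan-Downloader.JS.Major.c
Trojan-Downloader.Win32.Agent.cdam Trojan-Clicker.HTML.IFrame.mq
Trojan.JS.Agent.aat Trojan.Win32.RaMag.a Trojan-Clicker.SWF.Small.b
Packed.JS.Agent.ab Trojan-Downloader.JS.Agent.czm Exploit.JS.Pdfka.gu
Trojan-Clicker.JS.Agent.fp Trojan-Dropper.Win32.Agent.aiuf Exploit.JS.Pdfka.lr
not-a-virus:AdWare.Win32.Shopper.l not-a-virus:AdWare.Win32.Shopper.v
Exploit.SWF.Agent.az""".split()

def parse(name):
    """Split one detection name into its fields; reject anything malformed."""
    m = NAME_RE.match(name.strip())
    if m is None:
        raise ValueError(f"unrecognised detection name: {name!r}")
    return m.groupdict()

def platform_counts(names):
    """How many entries in a ranking target each platform (Win32, JS, ...)."""
    return dict(Counter(parse(n)["platform"] for n in names))

def repeated_families(names):
    """Families with more than one modification in a ranking, with variants."""
    variants = defaultdict(list)
    for n in names:
        f = parse(n)
        key = f"{f['behaviour']}.{f['platform']}.{f['family']}"
        variants[key].append(f["variant"] or "")
    return {k: sorted(v) for k, v in variants.items() if len(v) > 1}

if __name__ == "__main__":
    for label, ranking in (("on-access", ON_ACCESS), ("web", WEB)):
        print(label, platform_counts(ranking), repeated_families(ranking))
```

Run over the two lists, the on-access ranking is almost entirely Win32 binaries, while script, HTML and Flash detections make up three quarters of the web ranking.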
