GFI Software Announces Top 10 Malware Threats for February

March 03, 2011 - 12:00

GFI Software Announces Top 10 Malware Threats for February


GFI Software’s ThreatNet™ statistics show increase in rogue security software attacks and continued prevalence of Trojan horses

GFI Software, a leading IT solutions provider for small and medium-sized enterprises, today announced the top 10 most prevalent malware threats for the month of February 2011. The top 10 data is compiled from monthly scans performed by GFI's award-winning anti-malware solution, VIPRE® Antivirus, and its antispyware tool, CounterSpy®, as a service of GFI Labs™.

Continuing a trend observed since last summer, the same types of Trojan horse programs have persistently dominated the threat landscape through February. ThreatNet statistics show that Trojans made up six of the top 10 malware threats of the month. Trojans detected as Trojan.Win32.Generic!BT continue to be the number one threat, accounting for 22.97 percent of total detections. This is an increase from the 21.38 percent in January and 21.93 percent in December of total threats detected.

These Trojans are downloaders associated with rogue security programs known as “scareware”. Once they are on a user’s system, these programs perform a fake scan of a victim’s computer for malware then display false warnings that the machine is infected in an attempt to convince victims to purchase fake security software.

“The Security Shield rogue has become very noticeable, with many comments posted to our Rogue Security software blog regarding this particular infection,” said Chris Boyd, senior threat researcher, GFI Labs. “These types of attacks notoriously cause a great deal of stress for the victim in addition to simply infecting their computer.”

While Trojans continue to be the most common threat detected, GFI Labs researchers are also seeing a rise in lesser-known attack vectors. Although they are not as common, these forms of attack are especially dangerous because most users may not know how to spot them.

"PDF exploits continue to be problematic, showing a small increase since January. February has also seen continued use of fake Java applet installs to infect PCs with malware, Alureon infected videogame patches distributed on P2P networks and phishing attempts targeting customers of the popular online retailer Play.com,” said Boyd. “With new attacks popping up every day, users need to always stay cautious and research programs they plan to download when there is any doubt.”

ThreatNet is GFI Lab’s monitoring system that retrieves real-time data from VIPRE installations. Statistics come from tens of thousands of machines running VIPRE.

Top 10 detections for February

DetectionTypePercent
Trojan.Win32.Generic!BTTrojan22.97
Trojan-Spy.Win32.Zbot.genTrojan3.46
Trojan.Win32.Generic.pak!cobraTrojan2.89
Zugo LTD (v)Adware2.52
Fraudtool.Win32.Securityshield.ek!c (v)Trojan2.00
Trojan.Win32.Generic!SB.0Trojan1.72
INF.Autorun (v)Trojan1.66
Worm.Win32.Downad.Gen (v)Worm1.48
Pinball Corporation (v)Adware1.19
Exploit.PDF-JS.Gen (v)PDF exploit0.83

To see a graphical comparison of the top 10 most prevalent malware infections between January 2011 and February 2011, please visit: https://images.gfi.com/Feb2011_Chart.jpg

About GFI Labs
GFI Labs specializes in the discovery and analysis of dangerous vulnerabilities (i.e., security holes, bugs, maligned features or combination of operations) that could be exploited for Internet and email attacks. The research team actively researches new malware outbreaks, creating and testing new threat definitions on a constant basis.

About GFI
GFI Software provides web and mail security, archiving, backup and fax, networking and security software and hosted IT solutions for small and medium-size businesses (SMBs) via an extensive global partner community. GFI products are available either as on-premise solutions, in the cloud or as a hybrid of both delivery models. With award-winning technology, a competitive pricing strategy, and a strong focus on the unique requirements of SMBs, GFI satisfies the IT needs of organizations on a global scale. The company has offices in the United States (North Carolina, California and Florida), UK (London and Dundee), Austria, Australia, Malta, Hong Kong, Philippines and Romania, which together support hundreds of thousands of installations worldwide. GFI is a channel-focused company with thousands of partners throughout the world and is also a Microsoft Gold Certified Partner.