Top malware threats

Kaspersky has released their analysis of malware attacks occurring over December 2009, indicating a number of disturbing trends for the unprotected computer user.

Malware detected on computers

Packing programmes used to disguise malicious code continue to pose a serious threat. Of the ‘Packed’ family of malware, the ‘Packed.Win32.Krap.ag’ variant which first appeared in November has risen to number 15 on the top 20 malware list, infecting just over 31 000 computers in December. The ‘Krap.ag’ variant is specifically found in fake anti-virus programs, which Kaspersky sees as an indication that cybercriminals are continuing to use these rogue programs to turn profits.

A new form of malware discovered in December was ‘GamezTar.a’ which is presented as a downloadable toolbar for many popular browsers and touts ‘quick access to online games’ as its benefit. This malware displays a number of irritating adverts and installs processes that run independently of the toolbar and interfere with online activity. Kaspersky notes that these functions are described in the EULA, but still classifies the program as malicious adware.

The ‘Swizzor’ trojan has continued to evolve, now being identified as ‘Trojan.Win32.Swizzor.c’. This trojan downloads other malicious files from the Internet which will pose a further threat to a system. Although simple in design, it continues to be a top security concern.

Malicious programs online

The ‘Packed’ family appears at the top of online threat rankings as well, with the ‘Krap.ag’ and ‘Krap.ai’ variants respectively sitting at 11 and 10 on the top 20 list. Likewise, ‘GamezTar.a’ and its variant ‘GamezTar.b’ both appear in the top 20 online threats.

A number of trojans exploiting vulnerabilities in Adobe and Microsoft products have also made the top 20 threat list. These trojans attempt to download malicious executable files.

Kaspersky also cited ‘Trojan-Downloader.JS.Twetti.a’ as an example of cybercriminal creativity. This trojan has recently infected a number of legitimate websites. It exploits an intermediary – in this case Twitter – to redirect users to a domain that contains malware in the form of a PDF exploit or executable file. This form of malware has proven expert at covering its tracks and is difficult to trace.

PDF exploits were high on the list of threats encountered in December, and Kaspersky believes that at least three of the top 20 threats for the month were the work of a single cybercriminal outfit.

As always, malware attacks are becoming ever more sophisticated, usually with the intent of making money in some way.

Top malware threats – comments and views

Don't miss the latest news

• Add MyBroadband as a preferred source in Google Search
• Follow MyBroadband on Google News