Saturday, July 19, 2008

Trojans Accounted for More Than 60 Percent of New Malware

Panda Security announced the findings from its second quarterly report of 2008. Published by PandaLabs, the Company's laboratory for detecting and analyzing malware, the report revealed that Trojans comprised over 63 percent of all new malicious codes. Adware followed closely behind, comprising 22.40 percent of all infections. PandaLabs specifically addresses the threat of banker Trojans, as well as specific worm strains that have been most prevalent in malware infections in the last quarter. The report can be downloaded from

Banker Trojans have been identified as the most dangerous and damaging of all types of Trojans in circulation. According to the PandaLabs' Q2 report, Sinowal, Banbra and Bancos are the three most active banker Trojan families. Other families, including Dumador, SpyForms, Bandiv, PowerGrabber and Bankpatch also have numerous variants, while there has been less activity in the Briz, Snatch and Nuklus families of banker Trojans.

"This type of malware is causing serious losses for users around the world, particularly considering the increased use of online banking services. With the millions of online bank users, there is a tremendous pool of potential victims for cyber crooks," explains Luis Corrons, Technical Director of PandaLabs. "If criminals managed to steal just $100 dollars from one percent of the current base of users, we would be talking about a haul of tens of millions of dollars. And this is a very conservative estimate; the reality could be much worse."

Worms were also on the rise representing 13.5 percent of all malware infections. Corrons states, "Trojans are responsible for the most infections, but they do it with thousands of different variants. Worms, however, operate in a different way, with perhaps one strain being responsible for tens of thousands of infections. In terms of individual malicious code, worms are often the most prevalent." With respect to the virulence of specific examples, the Bagle.RP worm infected most computers, followed by the Puce.E and Bagle.SP worms. The following table indicates the most active malware samples detected by PandaLabs.

01 W32/Bagle.RP.worm
02 W32/Puce.E.worm
03 W32/Bagle.SP.worm
04 Adware/AdsRevenue
05 W32/Perlovga.A.worm
06 W32/Bagle.KV.worm
07 Adware/Maxifiles
08 Trj/Dropper.UN
09 W32/Whybo.I.worm
10 Trj/Rebooter.J

No comments: