Malware reports

Malware Miscellany, July 2007

As we gradually start the transition to autumn, let’s take a moment to look at the miscellaneous malware we saw at the height of summer 2007.

  1. Greediest Trojan targeting banks – Summer is already halfway over. During the midsummer month of July, this category was led by Trojan-Spy.Win32.Banker.alv, which currently has its sights set on 33 banks.
  2. Greediest Trojan targeting payment systems – the title this month goes to Trojan-PSW.Win32Steam.f, currently targeting three different e-payment systems at once.
  3. Greediest Trojan targeting payment cards – here a Brazilian Trojan, Trojan-Spy.Win32Banbra.df, takes the category, targeting four different payment card systems.
  4. Stealthiest malicious program – Trojan-Downloader.Win32.Delf.ain, which is packed 12 times, dominated this category in July.
  5. Smallest malicious program – this month we have a tiny 14-byte program (the same size as last month’s winner, incidentally) called Trojan.BAT.Formatcu. Despite its small size, this program is capable of doing a lot of damage by destroying all data on the C: drive.
  6. Largest malicious program – the heavyweight champion in July, a modification of Trojan.Win32.KillFiles.mb, takes up a lot of space at 743MB.
  7. Most malicious program – the leader this month is Backdoor.Win32.Aebot.e. It deletes antivirus protection from files on disk, from processes running in RAM, and from registry auto run keys.
  8. Most common malicious program in email traffic – July’s most common malicious program was Email-Worm.Win32.Warezov.pk, which accounted for nearly 23% of all mail traffic last month.
  9. Most common Trojan family – last month’s leader in this category was the Trojan-Spy.Win32.Banload family. A total of 534 variants of this family that had not been previously detected emerged last month.
  10. Most common virus/ worm family – The most common worm family in July was the email worm Warezov. 41 modifications of this family were detected in July.

Malware Miscellany, July 2007

Your email address will not be published. Required fields are marked *

 

Reports

BlindEagle flying high in Latin America

Kaspersky shares insights into the activity and TTPs of the BlindEagle APT, which targets organizations and individuals in Colombia, Ecuador, Chile, Panama and other Latin American countries.

APT trends report Q2 2024

The report features the most significant developments relating to APT groups in Q2 2024, including the new backdoor in Linux utility XZ, a new RAT called SalmonQT, and hacktivist activity.

Subscribe to our weekly e-mails

The hottest research right in your inbox