Malware Miscellany, October 2008

  1. Greediest Trojan targeting banks
    Now that autumn is into its stride, there’s been a change in this category; October’s winner is Trojan-Spy.Win32.Bzub.cqz, rather than a member of the Banker family. Bzub.cqz targets clients of 34 different banks.

  2. Greediest Trojan targeting payment systems
    Trojan.Win32.Agent.afhy comes out top, attacking 4 different e-payment systems at once.

  3. Greediest Trojan targeting payment cards
    The Agent family wins again in this category, with Trojan.Win32.Agent.agyz searching out users of 5 card systems.

  4. Stealthiest malicious program
    The Hupigon family, which makes frequent appearances in this category, takes the lead in October; one modification of Backdoor.Win32.Hupigon.btl is packed with 8 different packers.

  5. Smallest malicious program
    In spite of being a mere 20 bytes in size, Trojan.BAT.KillAll.an is able to delete all files from disk.

  6. Largest malicious program
    Trojan.Win32.Haradong makes a return this month – modification .ga weighs in at more than 200MB.

  7. Most common vulnerability on the Internet
    In October, Exploit.SWF.Downloader.hn accounted for 2.3% of all malicious content detected on the Internet.

  8. Most common malicious program on the Internet
    Trojan-Downloader.Win32.IstBar.cx was the most common malicious program on the Internet in October, accounting for a “modest” 2.1% of all malicious content detected.

  9. Most common Trojan family
    Backdoor.Win32.Hupigon puts in yet another appearance in this category, this time with 3891 new modifications.

  10. Most common virus/worm family
    There are no changes in this category either this month, with Worm.Win32.AutoRun taking the crown again. And its numbers are similar to those of last month – 651 new modifications in October as against September’s 655.
