Malware Miscellany, September 2009


    After a lengthy interlude, we’re renewing our monthly malware almanac by popular demand. We’ve made quite a few changes to it, hopefully for the better – we’ll let you be the judge of that.

    Category Name
    3 countries for malicious URLs

    Canada takes first place, hosting more than 21% of the world’s
    malicious URLs. The US is second with 16%, followed by China with 15%.


    3 countries hosting sites which spread malware

    China claims first place, hosting 26% of all malicious sites globally.
    The US comes second with 18%, and Russia is third with 12%.


    site which affects the biggest number of Internet users
    accounted for 1.62% of all online infections globally. This is a porn
    site located in China. Porn always attracts a lot of visitors, and it’s
    no secret that it’s often used by cybercriminals to spread malicious or
    suspicious content. There’ve been attempts (which were blocked) to
    spread a wide variety of Trojans from this site – most of them are
    Trojan-Downloader.Win32.Agent and Trojan.Win32.StartPage variants.


    spreading the biggest number of unique malicious programs

     1142 unique
    malicious programs were spread from The
    programs vary widely, and cover virtually all the different types of
    malware behavior in Kaspersky Lab’s classification.


    malicious program

    In September, this category was led by Trojan.Win32.Chifrax.d at
    388 MB. There are numerous modifications of this Trojan, all larger
    than 300 MB. Trojan.Win32.Chifrax.d is the name used to detect CAB
    archives which have been specially modified by virus writers in order
    to evade antivirus solutions.


    malicious program

    is a mere 30 bytes. It’s part of another Trojan that uses it to shut
    down the victim computer without asking the user’s consent.


    widespread vulnerability on users’ computers

    In late July, Adobe Flash Players 9 and 10 were found to have multiple
    vulnerabilities that can be exploited by cybercriminals to gain access
    to a system, run arbitrary code, gain access to confidential data or
    bypass security systems. More information about the vulnerabilities
    and how to fix them can be found at:


    common exploit

    in combination with Exploit.Win32.DirektShow, this malware family
    exploits a critical vulnerability in Internet Explorer 6.0 and 7.0 and
    has recently become extremely widespread on the Internet.


    widespread malware on the Internet

    In just a month, Packed.Win32.TDSS.z tried to penetrate
    computers in 108 countries around the world.

    joke (hoax programs that scare or annoy users but don’t have a clearly
    malicious payload)
    displays an obscene video clip and bombards victims with offensive
    messages which can’t be stopped. 
