Windows malware

The middle of the month means it’s time for our miscellany, so let’s take a look at what the first month of summer brought us

Blackmailer – the return of Gpcode

We’re seeing a lot of reports about a new version of Backdoor.Win32.IRCBot.acd. This backdoor is a fairly limited IRCBot with spy capabilities combined with MSN-Worm functionality.

June’s top ten features six new malicious programs, half of which are new versions of Trojan downloaders.

Probably the most noteworthy event this month was the disappearance of May’s rabble-rouser, Sober.aa.

First and foremost this includes various means of modifying and packing code, in order to conceal the presence of malicious code in the system and to disrupt the functionality of antivirus solutions.

New Warezov downloader spammed along with banking PDF’s.

Virus writers didn’t take any time off over the public holidays, and the results of their labour have made their way into our May miscellany.

This week we added another unusual detection – detection for a calculator virus Virus.TI.Tigraa.a

May brought a few surprises, with old email worms climbing to the top of the rankings, and a warning of more to come. This month’s Top Twenty also features two classic file viruses.

It’s interesting that the virus writers who are creating Trojan downloaders are actively varying the type of files downloaded, ranging from obviously malicious programs to adware.

Greediest Trojan e-payment systems, stealthiest malicious program, most common malicious program in email traffic, most common Trojan family and others.

Warezov and Zhelatin regularly cause virus outbreaks, hit the headlines, and create a huge amount of work for virus labs around the world, but it’s NetSky.t.

It’s usual for the leader in our online rankings to change, but this month’s leader is very unusual.

Greediest Trojan e-payment systems, stealthiest malicious program, most common malicious program in email traffic, most common Trojan family and others.