10

NEWS

Attack data

APRIL 2007

AnalysisDavid Emm, senior technology consultant at Kaspersky Lab.

Trojan Downloaders• Trojans have grown in number in recent years and now make up

around 70% of malware. Indeed, they are now the weapon of choice for today’s malware authors and the criminal underground that sponsors them. The copy-book definition of a trojan is this: it’s a non-replicating program that appears to be legitimate but is designed to carry out some harmful action on the victim computer.

• Since trojans don’t have their own on-board replication capability, they’re often perceived as being less dangerous than viruses or worms.

• Yet their effects can be dangerous and very far-reaching. Not only have they increased in numbers in recent years. They have also become more sophisticated and they are being put to an increasing number of malicious uses.

• Trojan downloaders are typically written in script languages such as VBS or JavaScript, so they’re easy to write, and they often exploit browser vulnerabilities to carry out their function. As with other types of trojan, trojan downloaders operate silently, so as not to provide the innocent victim with any clues as to their existence or function. As such, they form one part of the hidden menace that

threaten us today.

Fifth Third Bank76.91 %

VolksBank1.39 %

Citibank19.86 %

Bank of America0.92 %

Others 0.92 %

Top five countries

1 Paypal Member

2 Dear Paypal Member

3 Paypal Notification

4 Attention Paypal Member

5 Paypal Member Notification

6 Update your account

7 Fifth Third Bank - urgent notification from Protection Department!

8 important information for Fifth Third Bank customers!

9 Important Banking Mail.

10 Fifth Third Bank: please read this message.

TOP BRANDS TARGETED BY PHISHING SCAMS: Source: McAfee

# Name % Category

1 Email-Worm.Win32.Mydoom.m 1.66 Email Worm

2 New! Trojan.Win32.Agent.qt 1.5 Trojan

3 Email-Worm.Win32.Rays 1.3 Email Worm

4not-a-virus:Monitor.Win32.

Perflogger.1631.2 Riskware

5 Email-Worm.Win32.Brontok.q 1.11 Email Worm

6 Trojan.Win32.Dialer.cj 0.99 Trojan

7 Backdoor.IRC.Zapchast 0.87Trojan Program:

Backdoor

8 not-a-virus:PSWTool.Win32.RAS.a 0.84 Riskware

9New! Trojan-Downloader.Win32.Small.

ddp0.8

Trojan Program:

Downloader

10New! Trojan-Downloader.Win32.

Nurech.at0.63

Trojan Program:

Downloader

11 New! Email-Worm.Win32.Warezov.lk 0.63 Email Worm

12New! not-a-virus:AdWare.Win32.

Virtumonde.ha0.55 AdWare

13 not-a-virus:Monitor.Win32.Perflogger.ad 0.54 Riskware

14 New! Net-Worm.Win32.Mytob.bi 0.52 Network Worm

15 New! Trojan-Downloader.Win32.Bagle.bp 0.51Trojan Program:

Downloader

16 Trojan-Spy.Win32.Bancos.zm 0.5Trojan Program:

Spyware

17 New! Trojan-Clicker.Win32.Small.kj 0.48Trojan Program:

Clicker

18 New! Email-Worm.Win32.Warezov.ls 0.47 Email Worm

19 Trojan-Downloader.Win32.Small.edb 0.46Trojan Program:

Downloader

20 Email-Worm.Win32.Mydoom.l 0.46 Email Worm

Other malicious programs 83.98

ONLINE TOP 20: DATA CAPTURED USING KASPERSKY LAB’S ONLINE SCANNER (www.kaspersky.co.uk/virusscanner)

Find out about the above listed malware in detail, visit www.viruslist.com/en/analysis?pubid=204791927.