Top Ten viruses most frequently detected by Panda ActiveSca
Top Ten viruses most frequently detected by Panda ActiveSca
12/01/2004. Since June, Downloader.GK has been the malicious code causing the most damage to users´ computers.
November has been an erratic month in terms of virus activity. Although in general it has been relatively quiet, there has been some cause for concern, such as the appearance of Sober.I and the Tasin family of worms. However, Downloader.GK was once again the most active malicious code.
According to November’s Top Ten, based on the data gathered by Panda ActiveScan, the free online scanner, the Downloader.GK Trojan was, for the sixth month running, the malicious code responsible for most attacks. A long way off in second place came Mhtredir.gen, the generic detection for a family of Trojans that allows attacks to take malicious action on affected systems.
Netsky.P, first detected in March of this year and which exploits an old vulnerability in Microsoft Internet Explorer, and Mabutu.A, the email worm that acts as a backdoor Trojan, were third and fourth respectively in the Top Ten.
In fifth place came Citifraud.A, a Trojan detected for the first time at the beginning of November and designed to carry out phishing attacks. As with most Trojans, and despite the fact that there has not been an epidemic as such, its activity has been intense.
Sasser.ftp, a script created by the Sasser worms to install themselves on computers via FTP, and Gaobot.gen, the generic detection for a family of worms that steal confidential data from the systems that it affects were in sixth and seventh place respectively in the ranking.
StartPage.FH -a Trojan designed to install malware on the computers it affects-, and the Bagle.BC worm were eighth and ninth in the list. Finally, Qhost.gen, a generic detection for the modifications made to the HOSTS file by various Trojans, closes this edition of the Top Ten.
Virus % frequency
Trj/Downloader.GK 19.47%
Exploit/Mhtredir.gen 6.86%
W32/Netsky.P.worm 4.70%
W32/Mabutu.A.worm 4.62%
Trj/Citifraud.A 4.34%
W32/Sasser.ftp 3.54%
W32/Gaobot.gen.worm 3.27%
Trj/StartPage.FH 3.05%
W32/Bagle.BC.worm 2.98%
Trj/Qhost.gen 2.93%
The following conclusions can be drawn from the data collected by Panda ActiveScan in November:
- Use of malicious code for financial gain. Of the ten viruses in the ranking, seven could be used directly or indirectly for financial gain. This could be through selling personal data, phishing-type fraud, stealing of confidential data, or by taking remote control of users’ computers.
- Significant activity of Trojans and worm/Trojans. In relation with the previous point, in November the trend that started some months ago has continued, with the prevalence of Trojans or worm/Trojans such as Mabutu.A. Both these types of malware are widely used to carry out frauds by cyber-crooks.
- Software vulnerabilities still represent a major threat. Five of the malicious code in this month’s Top Ten use vulnerabilities in software installed on computers in order to carry out their malicious action. Nevertheless, the fact that none of them have been discovered recently and that there has been plenty of time to apply the patches needed to fix them, indicates that there are many users who are not updating their systems frequently enough. This is why software vulnerabilities continue to be a serious threat as they allow the propagation of a wide variety of malicious code, regardless of whether the flaw has recently been discovered or has been known for some time.
To help as many users as possible keep their systems virus free, Panda Software offers Panda ActiveScan, free of charge, at http://www.pandasoftware.com/. Webmasters who would like to include ActiveScan on their websites can get the HTML code, free of charges, at http://www.pandasoftware.com/partners/webmasters.
Panda Software also offers users Virus Alerts, an e-bulletin in English and Spanish that gives immediate warning of the emergence of potentially dangerous malicious code. To receive Virus Alerts just visit Panda Software´s website (http://www.pandasoftware.com/) and complete the corresponding form in the Virus Alerts section.
For more information about these and other malicious code, visit Panda Software´s Virus Encyclopedia.
About PandaLabs
On receiving a possibly infected file, Panda Software´s technical staff get straight down to work. The file is analyzed and depending on the type, the action taken may include: disassembly, macro scanning, code analysis etc. If the file does in fact contain a new virus, the disinfection and detection routines are prepared and quickly distributed to users.
For more information: http://www.pandasoftware.com/virus_info/
Oxygen3 24h-365d, by Panda Software
© Panda Software 2003
Back
- Microsoft revamps Bing to include interactive social sidebar
The three-column interface also includes a ´snapshot´ for more direct interaction with products and places.
- Adobe Creative Cloud Now Available
Two New Touch Apps for iOS and Adobe Muse Also Shipping
- Acer G6 series - Super-slim design, inspiring performance
- Come Explore the VIA Smart Ecosystem at Computex 2012
- HP tries to beat ultrabook pricing with thin-and-light Sleekbooks
- MasterCard´s PayPass Wallet will span online, mobile, in-store shopping
- Google infringed Java copyrights in Android, jury finds
- After false alarm, no verdict Friday in Oracle Google
- Lenovo building industrial center to develop tablets, smartphones
- Facebook´s valuation for IPO will be lower than initially expected
Member of IVSZ
Member of SZEK
Acer Affinity Gold partner
Dell Registered Partner
OKI System Shinrai Partner
XEROX Viszonteladó
APC megbízható szállító
EATON Authorized Partner
Cisco partner
Symantec Software Partner
ESET Partner
FUJITSU partner
LENOVO Premium Partner
IBM Business Partner
PARTNERS: Computerworld.hu | GameStar.hu | PCWorld.hu | SG.hu | PC Guru | Hitel