SunbeltLabs finds increasing number of generic and behavior-based threats thanks to improving detection capabilities
Clearwater, FL — Apr 6, 2010 — Sunbelt Software, a leading provider of Windows security software, today announced the top 10 most prevalent malware threats for the month of March 2010. The report, compiled from monthly scans performed by Sunbelt Software's award-winning anti-malware solution, VIPRE® Antivirus, and its antispyware tool, CounterSpy®, is a service of SunbeltLabs™.
The list of detections for March shows the continued prevalence of Trojan horse programs circulating on the Internet and the growing share of generic and behavior-based detections among antivirus detections. Generic and behavior-based detections by the antivirus industry have improved thanks to the massive increase in new malcode, which numbers in the thousands per day.
The top two detections for the month remained in the same positions as last month. Both Trojan.Win32.Generic!BT (31.07 percent) and Trojan-Spy.Win32.Zbot.gen (4.97 percent) maintained approximately the same pervasiveness in the overall malware tracked. The top 10 made up more than 50 percent of all detections for the month and the top two made up greater than 36 percent of all detections.
Sunbelt's Top 10 list is similar to February's detections; however, March saw INF.Autorun (v) and BehavesLike.Win32.Malware (v) appear in the fifth and sixth spots, while Trojan.Win32.Agent and Trojan-Spy.Win32.Zbot.gen (v) dropped off the list.
Other detections with a significant change in March include Exploit.PDF-JS.Gen (v), which saw its percentage of total detections grow by almost 50 percent, and Trojan.Win32.Generic.pak!cobra, which saw a significant drop in its share from 3.37 percent to 1.37 percent of all detections.
"Good antivirus defense requires not only up-to-the-minute detections of malware, but fast detection as well," said Sunbelt Software research center manager Tom Kelchner. "Generic and behavior-based detections help VIPRE nail a lot of the polymorphic variants and newly-created malicious code. It might be new and evade detections for existing malicious activity, but when it runs in VIPRE's MX-V™ virtual environment, the malicious activity is sure to be caught."
"It's a cat-and-mouse game that's been going on as long as there have been antivirus engines. The hackers try to come up with something that will evade detection and steal something valuable from its victims. Sunbelt creates detection technology that works fast and seamlessly to not bog down our customers' systems," Kelchner added.
New entries in the top 10 in March were:
- INF.Autorun (v) - Trojan downloader
- BehavesLike.Win32.Malware (v) - category of suspiciously behaving malware
The top 10 results represent the number of times a particular malware infection was detected during VIPRE and CounterSpy scans that report back to ThreatNet, Sunbelt Software's community of opt-in users. These threats are classified as moderate to severe based on method of installation among other criteria established by SunbeltLabs. The majority of these threats propagate through stealth installations or social engineering.
The top 10 most prevalent malware threats for the month of March are:
1. Trojan.Win32.Generic!BT 31.07%
2. Trojan-Spy.Win32.Zbot.gen 4.97%
3. Exploit.PDF-JS.Gen (v) 3.76%
4. Trojan.Win32.Generic!SB.0 3.36%
5. INF.Autorun (v) 1.70%
6. BehavesLike.Win32.Malware (v) 1.47%
7. Trojan.Win32.Generic.pak!cobra 1.37%
8. Trojan.Win32.Malware 1.37%
9. Trojan.ASF.Wimad (v) 1.23%
10. Virtumonde 1.21%
Below is a graphical comparison of the top 10 most prevalent malware infections between February and March.
About SunbeltLabs
SunbeltLabs specializes in the discovery and analysis of dangerous vulnerabilities (i.e., security holes, bugs, maligned features or combination of operations) that could be exploited for Internet and email attacks. The research team actively researches new malware outbreaks, creating and testing new threat definitions on a constant basis. For detailed threat research information and to view the top 10 threats in real time please visit SunbeltLabs at http://www.sunbeltsecurity.com.
About Sunbelt Software
Headquartered in Tampa Bay (Clearwater), Fla., Sunbelt Software was founded in 1994 and is a leading provider of Windows security software including enterprise antivirus, antispyware, email security, and malware analysis tools. Leading products include the VIPRE® and CounterSpy® product lines, Sunbelt Exchange Archiver™, CWSandbox™, and ThreatTrack™.
For more information about Sunbelt Software, please visit the company's website at: http://www.sunbeltsoftware.com. To learn more about current activities, products, and ideas at Sunbelt Software, please visit Sunbelt's corporate blog at http://www.sunbeltblog.com.
Sunbelt Software
# # # END # # #
Disclaimer: All product and company names herein may be trademarks of their respective owners. To the best of our knowledge, all details were correct at the time of publishing; this information is subject to change without notice.
Primary Media Contacts

Laurie Murrell
+1-727-562-0101 x.236
Sunbelt Software
Lauriem@sunbeltsoftware.com

Brian Alberti
+1-781-418-2403
gfi@daviesmurphy.com
www.daviesmurphy.com
for Sunbelt Software