The virus monitoring service of Doctor Web, Ltd. has analyzed viral activities in March 2008.
A variation of malware that writes itself to the MBR and uses rootkit technologies to hide its presence in the system (now often called a bootkit) was surely the event of the month. The bootkit entered the Dr.Web database as BackDoor.MaosBoot, with its dropper added as Trojan.Packed.370. The creators of the malware tried to make it extremely difficult for an anti-virus to cure the bootkit. However, Dr.Web anti-virus has once again proven its high technology: the latest Dr.Web scanner version features a unique algorithm for detecting and curing BackDoor.MaosBoot without resorting to any advanced system tools.
Strange as it may seem, the spread of Trojan.PWS.LDPinch.1941 via ICQ also became an event worth mentioning. Doctor Web, Ltd. support staff received many messages from users about infection by the Trojan. Moreover, the Trojan executable was modified several times to avoid detection by anti-virus applications, but all the variations were promptly added to the Dr.Web database.
A new social engineering trick used to lure users into downloading malware should also be mentioned: a reply message from a recruiting company inviting the recipient to enter personal data in a special form and providing a link to the "form". In fact, the "form" is a malicious program detected by Dr.Web anti-viruses as Trojan.Sentinel.
Spam
Apart from messages used to spread malware, the spam subjects that prevailed over all others in March were offers of spam mailings based on address databases for Russia, Ukraine and other CIS countries, tax evasion schemes, and advertising for construction companies.
March 2008 virus statistics
Table 1. 20 most prevalent viruses detected on mail servers
01.03.2008 - 31.03.2008
No.  Virus                      Detections (share)
1    Win32.HLLM.Netsky.35328    105766 (27.39%)
2    Win32.HLLM.Beagle          41605 (10.77%)
3    Win32.HLLM.Netsky.based    31333 (8.11%)
4    Win32.HLLM.Netsky          27742 (7.18%)
5    Win32.HLLM.MyDoom.based    24745 (6.41%)
6    Win32.HLLW.Autoruner.437   24194 (6.27%)
7    BackDoor.Bulknet.160       21230 (5.50%)
8    Exploit.MS05-053           12839 (3.33%)
9    Win32.HLLP.Sector          10941 (2.83%)
10   Win32.HLLM.Oder            9966 (2.58%)
11   Win32.HLLM.Perf            9901 (2.56%)
12   Win32.HLLM.MyDoom.33808    9132 (2.36%)
13   Win32.Virut                5844 (1.51%)
14   Win32.HLLM.Netsky.24064    4936 (1.28%)
15   Win32.HLLM.Netsky.28008    3885 (1.01%)
16   Win32.HLLM.Limar.2246      3389 (0.88%)
17   Win32.HLLM.MyDoom.33       2706 (0.70%)
18   Win32.HLLM.MyDoom.54464    2577 (0.67%)
19   Win32.HLLM.Beagle.27136    2471 (0.64%)
20   Win32.HLLM.Netsky.28672    2413 (0.62%)
Table 2. 20 most prevalent viruses detected on users' computers.