Another Autorun era continues

Every month, ESET compiles a top list of computer viruses that spread around the world to find out which malware is currently threatening users' computers. The current analysis lists the viruses that came in the top ten on this negative top list in July 2012.

It seems that even though we "buried" the previously eight-month-long Autorun virus in January of this year, there is nothing to be done, the malware has been at the forefront for the third month now. 

The malware, which has been around for four years, is still high on the list, as the Win32 / Conficker network worm, which exploits a vulnerability in Microsoft Windows compared to last month, has slipped just one place down to third. It is noteworthy that not only is the Windows vulnerability described in the unpatched security bulletin MS08-067 a potential vulnerability, but even passwords used for system-level shares that are too simple and thus easy for the worm to guess with a dictionary. That is, downloading and running patches is vital for protection, and using a strong enough password is also an essential part of creating security, which can of course be complemented by using a properly configured and updated antivirus.

Again, we can welcome the Trojans of Win32 / Spy.Ursnif.A among the list members. It is spyware that steals personal information from an infected computer and then attempts to send it using a Remote Desktop by creating a hidden user account. Based on data from July, it had just climbed to the top list, ranking tenth with 0.85% of infections.

 

This month's release of the ESET Global Trends Report focuses on the fact that The Anti-Phishing Working Group (APWG) has just released an evaluation of its first-quarter 2012 data on phishing activity. Based on the summary, we can say that in February this year, the highest number of unique phishing websites of all time was measured, it was almost 57 thousand phishing pages. Of course, no one expected such activity to go away on its own once, but it can be frightening to find that the proportion of data-thief Trojans has decreased only minimally and remains at 35.51 percent.

It is also interesting to note that, according to a survey conducted at the Microsoft TechEd conference in June, 51 percent of respondents thought there had already been specific targeted phishing action against their workplace. Truth be told, most companies have to worry about this, and security companies as well as policy participants can explicitly expect the attackers to be “more prominent”.

 

Source: Press release