Tales of the unexpected...and the expected: Malware statistics for June

• Text size
•  
•  

Kaspersky LabKaspersky Lab, a leading developer of secure content management solutions, announces the publication of its Monthly Malware Statistics for June 2010.

There was a surprise return to the Top 20 list of malware detected on the Internet for Trojan-Downloader.JS.Pegel.b. This script downloader, designed to infect legitimate websites, returned to the list in third place after a period of relative obscurity. When a user visits an infected page, Pegel redirects them to a site controlled by a cybercriminal, which in turn surreptitiously downloads various malicious programs to the victim's computer. Pegel.b makes use of a variety of PDF exploits and the Java CVE-2010-0886 exploit.

Unlike Pegel.b, the presence of the Exploit.JS.Pdfka family in our rating came as no surprise. The release of every new update from Adobe is now accompanied by several variants of this exploit which inevitably make it into our Top 20 malicious programs. In June alone, three variants of Exploit.JS.Pdfka entered the list of Internet-borne malware at sixth, eighth and fourteenth places.

A total of six exploits made it into this Top 20 list in June. Unfortunately, users are still relatively blasé about security updates that are issued on a regular basis by software vendors, leaving their computers vulnerable to malicious attacks, exploit Agent.bab in second place being a case in point. It uses the CVE-2010-0806 Windows vulnerability, detected back in March of this year, to download different malicious programs to users' computers. In June the number of individual attempts to download this piece of malware from websites exceeded 340,000.

For the majority of cybercriminals, confidential data offers rich pickings and a new variant of the popular P2P-Worm.Palevo in eleventh place actively seeks out any confidential data entered into a user's browser window. Peer-to-Peer file sharing using programs such as BearShare, iMesh, Shareaza and eMule is one of the main methods by which this worm propagates. It makes multiple copies of itself in folders used to store files that are commonly downloaded and uploaded, giving catchy names to those copies in the hope that they will attract the attention of potential victims. Other means by which P2P-Worm.Win32.Palevo.fuc propagates include multiple copying to network folders and other network resources, sending links via instant messengers and by teaming up with Trojan.Win32.Autorun to infect any kind of removable device that it may come into contact with.

The full version of the malware statistics for June can be found at Securelist.com.

-Ends-

About Kaspersky Lab
Kaspersky LabKaspersky Lab is the largest antivirus company in Europe. It delivers some of the world's most immediate protection against IT security threats, including viruses, spyware, crimeware, hackers, phishing, and spam. The company is ranked among the world's top four vendors of security solutions for endpoint users. Kaspersky LabKaspersky Lab products provide superior detection rates and one of the industry's fastest outbreak response times for home users, SMBs, large enterprises and the mobile computing environment. Kaspersky® technology is also used worldwide inside the products and services of the industry's leading IT security solution providers. Learn more at www.kaspersky.com. For the latest on antivirus, anti-spyware, anti-spam and other IT security issues and trends, visit www.securelist.com

For further information please contact:
Cynthia Darwish
Associate Account Manager
GolinHarris, Dubai
Tel: +971 50216 3352

© Press Release 2010