Security Hero Rotating Header Image

Malware

4276

4276

VBS/Slogod.NAB (2), Win32/Adware.Gamevance.AB (5), Win32/Adware.Gamevance.AC, Win32/FlyStudio.NPY, Win32/Injector.TW, Win32/PSW.OnLineGames.OMB (4), Win32/PSW.OnLineGames.OMC, Win32/Spy.Delf.NQV, Win32/TrojanDownloader.FakeAlert.AFK (2)

URL: http://www.eset.com/joomla/index.php?option=com_content&task=view&id=6295&Itemid=26

4272

4272

Win32/Adware.UnVirex.A (2), Win32/Agent.NYU (6), Win32/AutoRun.ABH, Win32/Delf.NNN, Win32/Injector.TK, Win32/Injector.TM, Win32/Injector.TQ, Win32/KillAV.NEG, Win32/Kryptik.AAB, Win32/Kryptik.AAE, Win32/Olmarik.JV, Win32/PSW.Delf.NQR (2), Win32/Spy.Banbra.NQX, Win32/Spy.Banker.QSP, Win32/Spy.Banker.QTE, Win32/Spy.Banker.RFK, Win32/Spy.Banker.RFM, Win32/Spy.Banker.RFP, Win32/Spy.Banker.RGW, Win32/Spy.Delf.NUL, Win32/TrojanDownloader.FakeAlert.AAA, Win32/TrojanDropper.Agent.OFW

URL: http://www.eset.com/joomla/index.php?option=com_content&task=view&id=6291&Itemid=26

4117

4117

PDF/Exploit.Pidief.ONG, VBS/TrojanDownloader.Small.L (6), Win32/Adware.BHO.GBP (2), Win32/Adware.BHO.NCG (2), Win32/Adware.GooochiBiz (4), Win32/Adware.WSearch, Win32/Agent.NXT (2), Win32/AutoRun.Agent.NP, Win32/AutoRun.Delf.BY, Win32/Delf.PFS, Win32/FlyStudio.NML, Win32/FlyStudio.NMM (5), Win32/Hupigon, Win32/Hupigon.NPE, Win32/KillAV.NDV (2), Win32/Koutodoor.AF (3), Win32/Koutodoor.G, Win32/Peerfrag.AG, Win32/Poison.NBC (2), Win32/PSW.Agent.NLP (2), Win32/PSW.OnLineGames.NMP (2), Win32/PSW.OnLineGames.NMY (3), Win32/PSW.OnLineGames.NNM, Win32/PSW.OnLineGames.NSU (2), Win32/PSW.OnLineGames.OKE, Win32/PSW.WOW.DZI, Win32/PSWTool.MailPassView.151 (4), Win32/Rootkit.Agent.NLY, Win32/Rustock.NIH, Win32/Rustock.NIK (3), Win32/Spy.Banker.AFFJ, Win32/Spy.Banker.QLG (4), Win32/TrojanDownloader.Bredolab.AA (2), Win32/TrojanDownloader.FakeAlert.AAX, Win32/TrojanDownloader.FakeAlert.ABV, Win32/TrojanDownloader.FakeAlert.ACU, Win32/TrojanDownloader.FakeAlert.ACV (2), Win32/TrojanDownloader.Zlob.CZJ, Win32/TrojanDropperDelf.NNM (2), Win32/TrojanDropper.VB.NHZ (2), Win32/Wigon.KU (2), Win32/Wigon.KY

URL: http://www.eset.com/joomla/index.php?option=com_content&task=view&id=6089&Itemid=26

4116

4116

BAT/Qhost.NBP (2), INF/Autorun (3), PDF/Exploit.Pidief.ONM, PDF/Exploit.Pidief.ONN (2), PDF/Exploit.Pidief.ONO, PDF/Exploit.Pidief.ONP (2), Win32/Adware.BHO.NCX, Win32/Adware.Coolezweb (4), Win32/Adware.InternetAntivirus, Win32/Adware.PersonalAntivirus, Win32/Adware.SpywareRemover, Win32/Adware.SystemSecurity (18), Win32/Agent.PMR (2), Win32/Agent.WPI, Win32/AntiAV.AZQ, Win32/AntiAV.NAO (2), Win32/AutoRun.ABH, Win32/AutoRun.ADR (2), Win32/AutoRun.FakeAlert.BR, Win32/AutoRun.FakeAlert.M, Win32/AutoRun.VB.CN (2), Win32/Bagle.RG, Win32/Delf.NSQ (3), Win32/Dialer.NHQ (3), Win32/Dialer.NHR (3), Win32/FlyStudio.NMJ, Win32/FlyStudio.NMK, Win32/Hupigon.NPD, Win32/Injector.PK, Win32/IRCBot.ADZ, Win32/Koobface.NBG (2), Win32/Koutodoor.AB, Win32/Koutodoor.AD, Win32/Koutodoor.AE (4), Win32/Koutodoor.G, Win32/Kryptik.QY, Win32/Olmarik.GW (2), Win32/Olmarik.HG (4), Win32/Olmarik.IB, Win32/Peerfrag.BA, Win32/Peerfrag.BG, Win32/Peerfrag.BH, Win32/Popwin.NBJ (2), Win32/PSW.OnLineGames.NMP, Win32/PSW.OnLineGames.NMY, Win32/PSW.OnLineGames.OKC, Win32/PSW.Small.NBE (4), Win32/Qhost, Win32/Qhost.NIJ (2), Win32/Rootkit.Agent.KZU, Win32/Rootkit.Ressdt.NBS, Win32/Spy.Banker.QRW (2), Win32/Spy.Banker.QYO (3), Win32/Spy.Banker.QZB (2), Win32/Spy.Banker.QZC (2), Win32/Spy.Goldun.NFA, Win32/Spy.Zbot.JF (3), Win32/Spy.Zbot.PG (2), Win32/Spy.Zbot.RD, Win32/Spy.Zbot.RN, Win32/Tifaut.C (4), Win32/TrojanDownloader.Agent.PCZ, Win32/TrojanDownloader.Agent.PDA, Win32/TrojanDownloader.Agent.PDB, Win32/TrojanDownloader.Agent.PDC, Win32/TrojanDownloader.Agent.PDD, Win32/TrojanDownloader.Bagle.NBJ, Win32/TrojanDownloader.Bredolab.AB, Win32/TrojanDownloader.FakeAlert.AAX, Win32/TrojanDownloader.FakeAlert.ABV, Win32/TrojanDownloader.Small.OPS (2), Win32/TrojanDownloader.Zlob.CZK, Win32/VB.NHD, Win32/VB.OEY (2), Win32/Wigon.KX

URL: http://www.eset.com/joomla/index.php?option=com_content&task=view&id=6085&Itemid=26

4114

4114

IRC/SdBot, Win32/Adware.Coolezweb (5), Win32/Adware.InternetAntivirus, Win32/Agent.WPI, Win32/AutoRun.Autoit.P, Win32/AutoRun.Delf.CB (2), Win32/AutoRun.IRCBot.AM (2), Win32/BHO.NLG, Win32/Kryptik.QW, Win32/Olmarik.HG (4), Win32/PSW.YahooPass.AF, Win32/Spy.Webmoner.NBN, Win32/Spy.Zbot.CK, Win32/TrojanClicker.Delf.NBA, Win32/TrojanClicker.Delf.NDS, Win32/TrojanClicker.Delf.NFC, Win32/TrojanDownloader.Adload.FIB (2)

URL: http://www.eset.com/joomla/index.php?option=com_content&task=view&id=6083&Itemid=26

4113

4113

BAT/Agent.NBW, PDF/Exploit.Pidief.ONK, Win32/Adware.Antivirus2008 (2), Win32/Adware.Coolezweb (2), Win32/Adware.InternetAntivirus (5), Win32/Adware.SystemSecurity (4), Win32/Agent.NXT, Win32/Agent.PHC, Win32/Agent.PKT (2), Win32/Agent.WPI (4), Win32/AutoRun.Agent.OG, Win32/AutoRun.Agent.OH, Win32/AutoRun.Agent.OI, Win32/AutoRun.FakeAlert.AF (3), Win32/AutoRun.KS, Win32/AutoRun.VB.DQ, Win32/Boberog.AC, Win32/Dialer.NHP (2), Win32/Hupigon.NPB, Win32/Hupigon.NPC, Win32/Injector.PH, Win32/Injector.PI, Win32/IRCBot.ADZ (2), Win32/KeyLogger.BitLogic, Win32/NetPass (2), Win32/Obfuscated.NCY, Win32/Olmarik.HG (4), Win32/Poebot, Win32/Prosti.NCL (2), Win32/PSW.LdPinch.NJG, Win32/PSW.WOW.NKO (2), Win32/PSW.YahooPass.NAD (2), Win32/PSWTool.IEPassView.NAD, Win32/PSWTool.MailPassView.150, Win32/PSWTool.PassFox.111 (2), Win32/Rustock.NIH, Win32/Rustock.NIK, Win32/Sohanad.BM, Win32/Sohanad.NEJ, Win32/Spy.Banker.QZA, Win32/Spy.KeyLogger.NEC (2), Win32/Spy.Zbot.CK, Win32/Spy.Zbot.JF, Win32/Spy.Zbot.RL, Win32/Spy.Zbot.RM, Win32/StartPage.BR, Win32/StartPage.NKJ (3), Win32/TrojanClicker.Agent.NGT (2), Win32/TrojanClicker.VB.NHG (2), Win32/TrojanClicker.VB.NHH, Win32/TrojanDownloader.Agent.PAQ (2), Win32/TrojanDownloader.Agent.PCY, Win32/TrojanDownloader.Bredolab.AB (2), Win32/TrojanDownloader.FakeAlert.UX, Win32/TrojanDownloader.Small.NTQ (3), Win32/TrojanDownloader.Small.OCS (2), Win32/TrojanDownloader.Small.OOT, Win32/TrojanDownloader.Small.OPP, Win32/TrojanDownloader.Small.OPR, Win32/TrojanDownloader.Zlob.CZK, Win32/TrojanDropper.VB.NHW, Win32/TrojanProxy.Wintu.B

URL: http://www.eset.com/joomla/index.php?option=com_content&task=view&id=6082&Itemid=26

4111

4111

INF/Autorun, Win32/Adware.Coolezweb, Win32/Adware.SuperJuan.D, Win32/Adware.Virtumonde.NEX, Win32/Adware.Virtumonde.NFI, Win32/Adware.Virtumonde.NFJ, Win32/Adware.XPGuard, Win32/Agent.PFE, Win32/Agent.PKT, Win32/Agent.PMJ, Win32/AutoRun.IRCBot.AL (2), Win32/BHO.NOR, Win32/Buzus.ASBH, Win32/Delf.IIC, Win32/Delf.ODS (2), Win32/Delf.OJC (2), Win32/Hatob.E, Win32/Injector.MI, Win32/Injector.MW, Win32/Injector.NF, Win32/Injector.OY, Win32/Injector.PD, Win32/Injector.PE, Win32/Injector.PF, Win32/Joleee.NG, Win32/KeyLogger.Ardamax.NAR, Win32/Koobface.NBG, Win32/Koutodoor.AB, Win32/Koutodoor.AC (2), Win32/Koutodoor.G, Win32/Koutodoor.V (2), Win32/Kryptik.LM, Win32/Kryptik.MC, Win32/Kryptik.MV, Win32/Kryptik.PN, Win32/Kryptik.PP, Win32/Kryptik.PT, Win32/Kryptik.QA, Win32/Kryptik.QE, Win32/Kryptik.QJ, Win32/Kryptik.QQ, Win32/Kryptik.QT, Win32/Kryptik.QU, Win32/PcClient.NDP, Win32/PcClient.NDV, Win32/Proxec.C, Win32/ShipUp.NAI, Win32/Small.YBE, Win32/SpamTool.Agent.NCL (3), Win32/Spy.Agent.NKZ, Win32/Spy.Agent.NMB, Win32/Spy.Bankpatch.BE, Win32/Spy.Zbot.AD (2), Win32/Spy.Zbot.JF (2), Win32/Spy.Zbot.RK, Win32/Tinxy.AD, Win32/TrojanClicker.Delf.BLW, Win32/TrojanDownloader.Agent.BICX, Win32/TrojanDownloader.Agent.PAC, Win32/TrojanDownloader.Banload.OOT, Win32/Votwup.A

URL: http://www.eset.com/joomla/index.php?option=com_content&task=view&id=6080&Itemid=26

4110

4110

BAT/TrojanDownloader.Ftp.NDM, BAT/TrojanDownloader.Ftp.NDN, IRC/SdBot (2), PDF/Exploit.Pidief.ONF, Win32/Adware.AntiVirus1, Win32/Adware.Antivirus2008, Win32/Adware.AntivirusPlus (2), Win32/Adware.BHO.NCX, Win32/Adware.MySideSearch, Win32/Adware.NaviPromo (2), Win32/Adware.PersonalAntivirus (2), Win32/Adware.PrivacyComponents, Win32/Adware.UltraAntivirus2009 (3), Win32/Adware.Virtumonde (2), Win32/Adware.WinPCDefender, Win32/Agent.DKR (2), Win32/Agent.PGA, Win32/Agent.PKT, Win32/Agent.PMI (3), Win32/AntiAVNAK (2), Win32/Autoit.FV (2), Win32/AutoRun.FlyStudio.KC, Win32/AutoRun.IRCBot.AK, Win32/AutoRun.KS, Win32/AutoRun.VB.CX (2), Win32/AutoRun.VB.DP (2), Win32/Bagle.RD, Win32/BHO.NOR, Win32/Delf.ODU, Win32/Delf.OJB, Win32/Dialer.NAD, Win32/Hupigon.NOU, Win32/KillAV.NDT (4), Win32/KillProc.NAF, Win32/Kryptik.QR, Win32/Kryptik.QS, Win32/Mebroot.BL, Win32/Mebroot.BM (2), Win32/Mebroot.BN (2), Win32/Olmarik.GW, Win32/Olmarik.HG (2), Win32/Olmarik.HX (2), Win32/Olmarik.HY (2), Win32/Olmarik.HZ (2), Win32/OlmarikIA (2), Win32/Patched.AW, Win32/PcClient.NDW, Win32/Peerfrag.BD, Win32/Peerfrag.BE, Win32/PSW.Agent.NJL, Win32/PSW.OnLineGames.NMP (7), Win32/PSW.OnLineGames.NMY (11), Win32/PSW.OnLineGames.NNU (4), Win32/PSW.OnLineGames.ODJ (2), Win32/PSW.OnLineGames.OKC, Win32/PSW.OnLineGames.OKD, Win32/PSW.OnLineGames.XTT, Win32/Rootkit.Agent.NLY (2), Win32/Rustock.NIL (2), Win32/SpamTool.Agent.NCL, Win32/Spy.Banker.QYV (2), Win32/Spy.Banker.QYW (2), Win32/Spy.Banker.QYX (2), Win32/Spy.Zbot.JF (2), Win32/Spy.Zbot.RK, Win32/TrojanClicker.Delf.NHF, Win32/TrojanDownloader.Agent.OXA, Win32/TrojanDownloader.Agent.PCX, Win32/TrojanDownloader.Delf.ORH, Win32/TrojanDownloader.FakeAlert.AAX, Win32/TrojanDownloader.FakeAlert.ACE, Win32/TrojanDownloader.FakeAlert.ACT, Win32/TrojanDownloader.Small.OCS, Win32/TrojanDownloader.VB.NXX (2), Win32/TrojanDownloader.Zlob.CUG, Win32/TrojanDownloader.Zlob.CZW (2), Win32/TrojanDropper.Mudrop.NAM, Win32/TrojanDropper.VB.NHX (3), Win32/TrojanProxy.Small.NCA, Win32/Wigon.KU (2)

URL: http://www.eset.com/joomla/index.php?option=com_content&task=view&id=6079&Itemid=26

4109

4109

IRC/SdBot, Win32/Adware.AdvancedCleaner (3), Win32/Adware.BHO.NCG, Win32/Adware.BHO.NCX, Win32/Adware.Coolezweb (2), Win32/Adware.PersonalAntivirus.AA, Win32/Adware.PersonalAntivirus.AB, Win32/Adware.SystemSecurity.AA (2), Win32/Adware.Virtumonde, Win32/Adware.WinPCDefender (2), Win32/Adware.WSearch, Win32/Agent.PME, Win32/Agent.PMF, Win32/Agent.PMG (6), Win32/Agent.PMH (2), Win32/AntiAV.NAK, Win32/AutoRun.Autoit.P, Win32/BHO.NOS, Win32/BHO.NPJ, Win32/BHO.TBL (2), Win32/Bifrose.ADR, Win32/Delf.OJA (2), Win32/Flyagent.NAV (2), Win32/Flyagent.NAW (2), Win32/FlyStudio.NMH, Win32/Injector.PB, Win32/Injector.PC, Win32/Koutodoor.AB (3), Win32/Koutodoor.G, Win32/Kryptik.QO, Win32/Kryptik.QP, Win32/Mebroot.BL, Win32/Merond.P (2), Win32/Olmarik.GW, Win32/Olmarik.HG (2), Win32/Popwin.NBI, Win32/PSW.OnLineGames.NMY, Win32/PSW.OnLineGames.OKB (3), Win32/PSW.QQPass.NEH (4), Win32/Rootkit.Agent.NLZ (2), Win32/Rootkit.Podnuha.NCB, Win32/Rustock.NIH, Win32/Rustock.NIK, Win32/Spy.Agent.NNQ, Win32/Spy.Banbra.NPR (2), Win32/Spy.Banker.QQJ, Win32/Spy.Banker.QYP (2), Win32/Spy.Banker.QYQ (2), Win32/Spy.Banker.QYR (2), Win32/Spy.Banker.QYS (2), Win32/Spy.Banker.QYT (2), Win32/Spy.Banker.QYU (2), Win32/Spy.Delf.NUL (2), Win32/SpyBot (2), Win32/StartPage.BR, Win32/TrojanDownloader.Adload.NFC, Win32/TrojanDownloader.Agent.PCW (2), Win32/TrojanDownloader.Autoit.NAM, Win32/TrojanDownloader.Bredolab.AA (2), Win32/TrojanDownloader.FakeAlert.AAX, Win32/TrojanDownloader.FakeAlert.ACS (2), Win32/TrojanDownloader.Flux, Win32/TrojanDownloader.Small.OPO, Win32/TrojanDownloader.Swizzor.NCA (2), Win32/TrojanDownloader.Zlob.CZK, Win32/TrojanDownloader.Zlob.CZV (3), Win32/TrojanDropper.Agent.OBD, Win32/TrojanDropper.Delf.NNK, Win32/VB.NRL, Win32/VB.OET (3)

URL: http://www.eset.com/joomla/index.php?option=com_content&task=view&id=6078&Itemid=26

4108

4108

IRC/SdBot (2), SWF/Exploit.Agent.AB (2), Win32/Adware.Antivirus2008, Win32/Adware.BHO.NCX, Win32/Adware.SpywareProtect2009 (2), Win32/Adware.XPGuard, Win32/Agent.PIS, Win32/Agent.PIX, Win32/AutoRun.Agent.IE (3), Win32/AutoRun.FlyStudio.KB, Win32/AutoRun.VB.CD, Win32/Delf.NHH, Win32/Injector.MB, Win32/Injector.MC, Win32/Injector.MD, Win32/Injector.NV, Win32/IRCBot.ADZ, Win32/Koutodoor.AB (4), Win32/Koutodoor.G, Win32/Kryptik.QN, Win32/Lanc.A, Win32/Pacex.Gen (2), Win32/PSW.OnLineGames.OIX, Win32/PSW.YahooPass.NAD, Win32/StartPage.BR, Win32/TrojanClicker.Agent.NGS (2), Win32/TrojanDownloader.Agent.OXU, Win32/TrojanDownloader.Agent.OYU, Win32/TrojanDownloader.Banload.OOC, Win32/TrojanDownloader.Banload.OOP, Win32/TrojanDownloader.Bredolab.AA (2), Win32/TrojanDownloader.Delf.ORH, Win32/TrojanDownloader.Small.OKW (2), Win32/TrojanDownloader.VB.NWO, Win32/TrojanDownloader.Zlob.CZK, Win32/TrojanDropper.Agent.NSS, Win32/TrojanProxy.Small.NCA, Win32/Wigon.KU

URL: http://www.eset.com/joomla/index.php?option=com_content&task=view&id=6077&Itemid=26

4107

4107

BAT/Qhost.NBP (2), Win32/Adware.PersonalAntivirus (3), Win32/Adware.SystemSecurity (3), Win32/Adware.SystemSecurity.AA, Win32/Adware.WinPCDefender (6), Win32/Agent.CCWW, Win32/Agent.NYJ (2), Win32/Agent.PMD, Win32/AutoRun.ABH (4), Win32/AutoRun.FakeAlert.AF, Win32/AutoRun.FlyStudio.KA, Win32/Delf.NSE, Win32/Injector.PA, Win32/Koobface.NBG (2), Win32/Kryptik.QM, Win32/Qhost, Win32/Spy.Banker.QQJ (3), Win32/Spy.Webmoner.NBR (3), Win32/Spy.Zbot.JF, Win32/TrojanDownloader.Agent.OZA, Win32/TrojanDownloader.DelfOTP, Win32/TrojanDownloader.Small.NZM, Win32/TrojanDropper.Agent.OBC

URL: http://www.eset.com/joomla/index.php?option=com_content&task=view&id=6076&Itemid=26

4106

4106

BAT/Agent.NBV (2), INF/Autorun, Win32/Adware.PersonalAntivirus, Win32/Adware.SystemSecurity, Win32/Adware.SystemSecurity.AA, Win32/Adware.WinPCDefender (2), Win32/Agent.CIHM, Win32/Agent.NYI (6), Win32/Agent.PLZ (2), Win32/Agent.PMA, Win32/Agent.PMB (3), Win32/Agent.PMC, Win32/Autoit.AG, Win32/BHO.NOR, Win32/Buzus.AZGJ, Win32/Daonol.B, Win32/Daonol.C, Win32/Delf.NFV (2), Win32/Delf.ODU, Win32/Delf.OIY, Win32/Delf.OIZ (2), Win32/FlyStudio.NMG (2), Win32/Hupigon.NOY (2), Win32/Koutodoor.AA (3), Win32/Koutodoor.G, Win32/Kryptik.QK, Win32/Kryptik.QL, Win32/Olmarik.GW (2), Win32/Olmarik.HG (4), Win32/Rootkit.Ressdt.NBO, Win32/SpamTool.Agent.NCL, Win32/Spy.Agent.NNS, Win32/Spy.Banbra.NPQ, Win32/Spy.Banker.QNJ, Win32/Spy.KeyLogger.ME (4), Win32/Spy.VB.NDV, Win32/Spy.Zbot.JF (3), Win32/Spy.Zbot.NJ, Win32/Spy.Zbot.RI, Win32/Spy.Zbot.RJ, Win32/StartPage.NJS, Win32/TrojanClicker.Delf.NDJ, Win32/TrojanClicker.Delf.NDK, Win32/TrojanClicker.Delf.NDR (3), Win32/TrojanClicker.Delf.NGK, Win32/TrojanClicker.Delf.NGM, Win32/TrojanClicker.Delf.NHF, Win32/TrojanClicker.VB.NHF, Win32/TrojanDownloader.Agent.OYF, Win32/TrojanDownloader.Delf.OIF, Win32/TrojanDropper.Agent.OBB, Win32/TrojanDropper.Mudrop.ABZ, Win32/VB.OES (3)

URL: http://www.eset.com/joomla/index.php?option=com_content&task=view&id=6073&Itemid=26

4105

4105

BAT/TrojanDownloader.Ftp.NDK, BAT/TrojanDownloader.Ftp.NDL, PDF/Exploit.Pidief.OND, PDF/Exploit.Pidief.ONE, VBS/Naiad.O, W97M/Exploit.Agent.K, Win32/Adware.AntiSpyware2008 (2), Win32/Adware.BHO.NCX, Win32/Adware.Coolezweb (6), Win32/Adware.Coolezweb.AB (2), Win32/Adware.Coolezweb.AC (2), Win32/Adware.SpywareProtect2009, Win32/Adware.SystemSecurity (3), Win32/Adware.WinPCDefender (3), Win32/Agent.AFTS, Win32/Agent.HLU, Win32/Agent.NGL (3), Win32/Agent.OOJ, Win32/Agent.PLS (2), Win32/Agent.PLT (4), Win32/Agent.PLU, Win32/Agent.PLV (2), Win32/Agent.PLW (2), Win32/Agent.PLX, Win32/Agent.PLY (2), Win32/AntiAV.AZQ, Win32/AntiAV.NAN (2), Win32/AutoRun.Agent.OF, Win32/AutoRun.FakeAlert.BP, Win32/AutoRun.FlyStudio.JY, Win32/AutoRun.FlyStudio.JZ, Win32/AutoRun.IRCBot.AJ (3), Win32/AutoRun.IRCBot.Q, Win32/AutoRun.KS (3), Win32/BHO.NPI, Win32/Boberog.AB, Win32/Delf.ODU, Win32/Delf.OIX, Win32/FakeInit.M (3), Win32/FlyStudio.NME, Win32/FlyStudio.NMF (8), Win32/Fujacks.BK, Win32/Injector.OZ, Win32/IRCBot.AMC (2), Win32/Koutodoor.G, Win32/Koutodoor.Z (3), Win32/Kryptik.QG, Win32/Kryptik.QH, Win32/Kryptik.QI, Win32/Olmarik.GW (9), Win32/Olmarik.HG (18), Win32/Peerfrag.BB, Win32/Peerfrag.BC, Win32/PSW.OnLineGames.OWG (2), Win32/PSW.WOW.NKN, Win32/Qhost, Win32/Rootkit.Agent.NLR (5), Win32/Rootkit.Ressdt.NBK, Win32/Rootkit.Ressdt.NBL, Win32/Rootkit.Ressdt.NBM, Win32/Rootkit.Ressdt.NBN, Win32/Rustock, Win32/Rustock.NIK, Win32/Sohanad.BM, Win32/Sohanad.NEI, Win32/Spy.Ambler.AA (3), Win32/Spy.Ambler.AB (3), Win32/Spy.Banker.QYL (2), Win32/Spy.Banker.QYM (2), Win32/Spy.Banker.QYN, Win32/Spy.Banker.QYO (2), Win32/Spy.Delf.NUM (4), Win32/Spy.Ursnif.A (4), Win32/Spy.Webmoner.NBQ, Win32/Spy.Zbot.GW, Win32/Spy.Zbot.JF (4), Win32/Spy.Zbot.NJ, Win32/Tifaut.C (2), Win32/TrojanClicker.VB.NHD, Win32/TrojanClicker.VB.NHE (3), Win32/TrojanDownloader.Agent.PCV (4), Win32/TrojanDownloader.Bredolab.AA, Win32/TrojanDownloader.FakeAlert.AAX, Win32/TrojanDownloader.FakeAlert.ACR (2), Win32/TrojanDownloader.FakeAlert.YZ, Win32/TrojanDownloader.Small.NKM, Win32/TrojanDownloader.Small.OPN (10), Win32/TrojanDownloader.VB.NXC (4), Win32/TrojanDownloader.Zlob.CZK, Win32/TrojanDownloader.Zlob.CZU (4), Win32/TrojanDropper.Delf.NNJ, Win32/TrojanProxy.Agent.LV, Win32/TrojanProxy.Agent.NFL (2), Win32/TrojanProxy.Ranky.NCN, Win32/VB.OEQ (4), Win32/VB.OER

URL: http://www.eset.com/joomla/index.php?option=com_content&task=view&id=6071&Itemid=26

Threatscape Report – May 2009 Edition

Threatscape Report – May 2009 Edition

The following statistics are compiled from Fortinet’s FortiGate network security appliances and intelligence systems for the period April 21st – May 20th, 2009.

Table of Contents:


FortiGuard Global Threat Research

Exploits and Intrusion Prevention

Top 10 Exploitations & Regions

Top 10 exploitation attempts detected for this period, ranked by vulnerability traffic. Percentage indicates the portion of activity the vulnerability accounted for out of all attacks reported in this edition. Severity indicates the general risk factor involved with the exploitation of the vulnerability, rated from low to critical. Critical issues are outlined in bold:

Rank Vulnerability Percentage Severity
1 MS.DCERPC.NETAPI32.Buffer.Overflow 8.2 Critical
2 SSLv3.SessionID.Overflow 6.8 High
3 MS.Windows.NAT.Helper.DNS.Query.DoS 5.9 High
4 MS.Windows.MSDTC.Heap.Overflow 5.9 Medium
5 MS.Exchange.Mail.Calender.Buffer.Overflow 4.2 High
6 MS.SMB.DCERPC.SRVSVC.PathCanonicalize.Overflow 3.7 High
7 MS.SQL.Server.Empty.Password 3.0 High
8 MS.IE.HTML.Attribute.Buffer.Overflow 2.1 High
9 Multiple.Vendor.ICMP.Remote.DoS 1.7 Low
10 MS.Windows.ASN.1.Bitstring.Overflow 1.6 High


Figure 1a: Top 5 regions by detected exploit attempts

New Vulnerability Coverage

There were a total of 140 vulnerabilities added to FortiGuard IPS coverage this period.
Of these added vulnerabilities, 65 were reported to be actively exploited (46.4%).

Figure 1b breaks down added vulnerabilities by severity, coverage and active exploitation in the wild.

For more information, observe the detailed reports for this period at:


Figure 1b: New vulnerability coverage for this edition, categorized by severity

Malware Today

Top 10 Variants

Top 10 malware activity by individual variant. Percentage indicates the portion of activity the malware variant accounted for out of all malware threats reported in this edition. Top 100 shifts indicate positional changes compared to last edition’s Top 100 ranking, with “new” highlighting the malware’s debut in the Top 100. Figure 2 below shows the detected volume for the malware variants listed within the Top 5:

Rank Malware Variant Percentage Top 100 Shift
1 W32/Dropper.PTD!tr 34.5 +1
2 W32/Virut.A 7.7 -1
3 HTML/Iframe.DN!tr.dldr 4.2 +3
4 W32/Netsky!similar 3.2 +3
5 Adware/AdClicker 3.2 +4
6 HTML/Iframe_CID!exploit 3.0 +2
7 W32/PackWaledac.B 2.8 new
8 W32/MyTob.fam@mm 1.7 +2
9 W32/Delf.AYO!tr 1.2 +6
10 W32/Virut.E 1.1 +27
<img align=middle src=”http://www.fortigua

URL: http://www.fortiguardcenter.com/reports/roundup_may_2009.html

4104

4104

BAT/Agent.MO, IRC/SdBot, PDF/Exploit.Pidief.ONC, Win32/Adware.Virtumonde.NFD, Win32/Agent.OSE (2), Win32/AutoRun.FakeAlert.BN, Win32/AutoRun.FakeAlert.BO (2), Win32/AutoRun.FlyStudio.JX, Win32/AutoRun.VB.DO (2), Win32/Delf.NSE, Win32/Hupigon.NCT, Win32/Injector.MW, Win32/LockScreen.M, Win32/Mebroot.Z, Win32/Pacex, Win32/PcClient, Win32/PSW.OnLineGames.NMP (2), Win32/PSW.OnLineGames.NMY (4), Win32/PSW.OnLineGames.NNU (2), Win32/PSW.OnLineGames.ODJ, Win32/Spy.Banker.QYI, Win32/Spy.Banker.QYJ (2), Win32/Spy.Banker.QYK, Win32/Spy.Zbot.JF (2), Win32/Spy.Zbot.NJ (2), Win32/TrojanClicker.Agent.NEB, Win32/TrojanDownloader.FakeAlert.ACQ (2), Win32/VB.OEP (4)

URL: http://www.eset.com/joomla/index.php?option=com_content&task=view&id=6070&Itemid=26