Eset: ranked the most active threats in 2012

Posted: January 28, 2013 in Articles, IT Security News
Tags: , , , , , , ,

ESET LogoEset experts submitted a report on the most active threats in 2012. Statistics were collected with the help of cloud technology ESET Live Grid.

1. First place in the ranking placed startup files in which malware is activated in the system. Typically, such a method of distribution using the threat copies itself to removable USB-drives.

2. In second and third places – a web page containing infected scripts or tags IFRAME, which will automatically redirect the user to install malicious code.

3. Fourth place belongs to the network worm Win32/Conficker, which was originally used for a vulnerability in the latest versions of Windows (Windows 2000 exposed – Windows 7).

4. On the fifth – the virus Sality. It provides a startup through the registry, and disables services related to antivirus products and security products. Able to modify the EXE and SCR.

5. The sixth line charts belongs worm Dorkbot, which spreads itself via removable media, also contains a functional characteristic of backdoors, and can receive commands from the outside (via IRC). He collects private user information such as user names and passwords for different services when you visit certain Web sites.

6. In seventh place – malicious Java-script redirects the browser to a special address URL, which contains infected code.

7. Eighth position belongs to the backdoor, which allows access to the infected computer to them.

8. On the ninth line – a virus with an auto restart function Ramnit. Infects DLL and EXE, and searches for files HTM and HTML to contain malicious code there. It uses a vulnerability in the system (CVE-2010-2568), which allows it to execute arbitrary code.

9. And, finally, closes rating Spy.Ursnif – spyware application that steals information from the infected computer and sends it to a remote server, creating a hidden account in order to allow communication through the Remote Desktop connection. Actively distributed via Blackhole Exploit Kit at the beginning of the year.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s