Contactez-nous Suivez-nous sur Twitter En francais English Language

De la Théorie à la pratique

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN



The Church of Trojan Graced Fortinet’s Most-Reported Threats for March 2008

April 2008 by Fortinet

Fortinet® - the pioneer and leading provider of unified threat management (UTM) solutions - today announced the top 10 most reported high-risk threats for March 2008. Sundays may be a day of rest and worship for many, but the Pushdo.EV Trojan malware was not honoring the Sabbath this past month. Fortinet threat researchers witnessed a spike in activity over four consecutive Sundays — from February-end to March-end — propelling the Pushdo variant to the top threat spot. Pushdo.EV grabbed an impressive 13.5 percent of all malware activity for the month, which allowed the Trojan family as a whole to claim credit for nearly one-third of the total number of threats observed.

With intelligence gathered from Fortinet’s FortiGate™ multi-threat security systems in production worldwide, the FortiGuard™ Global Security Research Team observed the following broad trends for the month:

• Pushdo.EV rose to the top of the list by sending out animated cards that enticed recipients with the promise of nude photos attached;
• Parasitic file infector, Virut.A, wins the award for steepest climb up the chart, landing in fourth place from its 29th position in the previous edition of this report;
• MyTob and MyDoom families continue consistent activity with four variants in the Top Ten list.

“Activities in the last month showed the strength of the Pushdo botnet, which is a clear indicator that the socially-engineered mass e-card approach continues to gain traction,” said Derek Manky, security research engineer for Fortinet. “Consumers should be reminded that legitimate e-cards are not generally sent as attachments, but rather as links to a hosting Web site. And as a rule of thumb, we should all avoid opening attachments from unsolicited emails.”

Following are the Top Ten individual threats, Top Five threat families and Top Five threat prevalence for March. Pushdo’s influence in all three lists was clearly evident. Top 100 shifts indicate positional changes compared to February’s Top 100 ranking, with “new” representing the malware’s debut in the Top 100.

Top Ten Individual Threats

Rank Threat Name Threat Type % of Detections Top 100 Shift

1 W32/Pushdo.EV!tr.dldr Trojan 13.5 new
2 W32/Netsky!similar Mass mailer 9.5 -1
3 HTML/Iframe_CID!exploit Exploit 6.5 -1
4 W32/Virut.A Virus 4.3 +29
5 W32/MyTob.BH.fam@mm Mass mailer 1.9 +7
6 W32/MyTob.FR@mm Mass mailer 1.9 +4
7 W32/Bagle.DY@mm Mass mailer 1.7 +1
8 W32/Mydoom.N@mm Exploit 1.6 -1
9 W32/MyTob.fam@mm Mass mailer 1.5 -
10 W32/Istbar.PK!tr.dldr Trojan 1.5 -1

Top Five Families Netsky continues its leadership position among malware families, but fierce competition from Pushdo’s Sunday activities closed the gap to less than one percent. Rank Malware Family Threat Type Percentage Top 10 Shift
1 Netsky Mass mailer 14.5 -
2 Pushdo Trojan 13.7 +1
3 MyTob Mass mailer 9.5 -1
4 Virut Virus 4.7 +6
5 MyDoom Mass mailer 3.6 -

Top Threat Prevalence
Thanks to Pushdo.EV, the Trojan family made up nearly one-third of all malware activities for the month.

See previous articles


See next articles