Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

Password-stealing trojans and targeted attacks the norm in November

In its monthly 'top 10 malware threats' report for November, GFI Software says that trojans dominated the threat landscape during the month, with no less than seven of the top 10 malware threats being classified as trojans.

The number-one detection – Trojan.Win32.Generic!BT – is a trojan that accounts for more than 20% of the firm's detections.

Commenting on the report, Tom Kelchner, GFI's research analyst, said that there is another picture emerging from the top 10 list this month.

Three of the malware attacks, he says, go after applications or server software that has not been patched.

"The number six detection, Exploit.PDF-JS.Gen, tries to exploit a security flaw in PDF files with embedded JavaScript. That's aiming at Adobe products. It often installs downloaders that pull down other malware from remote Web sites", he said.

According to the report, Worm.Win32.Downad.Gen – aka the Downadup worm – is in seventh slot, whilst Trojan.ASF.Wimad in ninth spot, is a detection for a group of trojan Windows media files that exploit a known vulnerability in Windows Media Player. It redirects the victims browser to a website to download malicious files.

Kelchner said that if this malware is still circulating, it means that the malcode writers are seeing a landscape with lots of unpatched and vulnerable machines.

"The conclusion is pretty clear for both enterprises and consumers: update Windows operating systems (including servers), browsers, Adobe products and media players and keep them updated", he noted.