Related Links

Top 5 Stories


INF/Autorun malware is most prevalent malware in July

21 August 2012

ESET has published its statistics on malware in July. The figures are compiled from live data retrieved by ESET systems around the world, and provide an accurate reflection on what malware currently resides on people’s computers.

The headline figures are surprising. Worldwide, INF/Autorun malware and Conficker take first and third position respectively. “Somehow INF/Autorun is still top of the pops, in spite of Microsoft's neutering of the Autorun vector,” ESET senior research fellow David Harley told Infosecurity. “And even though the Conficker botnet is essentially dormant, there are enough residual infections for our telemetry to keep picking up their presence.”

While the eye might be drawn to the headlines, ESET’s researchers tend to look lower down. “The most interesting statistics aren't necessarily the big numbers (unless there's a sudden explosion of something),” said Harley. “Because the infected population is so large and our detections are usually very generic, they tend to change fairly slowly. Often the interesting stories are related to comparatively low and often localized infected populations.” He singled out “Dorifel/Quervar in the Netherlands”, indicating that a new analysis may be published by ESET later today, and “Stuxnet and its siblings in Iran and the Middle East.”

Neither of these outbreaks are sufficiently widespread to figure highly in global league tables, but are of particular interest and concern to the researchers. Dorkut may be an exception to these general principles. It figures high on the global tables (coming in fifth) but is both local to South America and of great interest. Called Ngrbot by its author, Dorkut has rapidly become the weapon of choice for Latin American cybercriminals, spreading via removeable media and social networks. ESET has detected numerous small botnets being used to steal home banking credentials, and will be presenting a paper on the subject at next month’s VB2012 conference in Dallas.

This article is featured in:
Internet and Network Security  •  Malware and Hardware Security


Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×