Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

Hike in trojan activity in May

The end-of-May chart shows that eight of the top ten ThreatNet detections were generic or VIPRE (Sunbelt's security software) detections, reflecting what Sunbelt says is a trend towards behaviour-based detections.

The top slot was taken by Trojan.Win32.Generic once again with 27.8% of detections, although Sunbelt notes this is down in prevalence by almost a fifth from April.

INF.Autorun detections, meanwhile, grew significantly for the second month in a row, up by more than 55%, from 2.34% of overall detections in April to 3.63% in May. This, says the company, followed an almost 40 percent increase the previous month.

Two detections new to the Top 10 list were FraudTool.Win32.AVSoft at number eight with 1.32% and Trojan.Win32.Agent at number nine with 1.28%.

Sunbelt says that FraudTool.Win32.AVSoft is a VIPRE detection for malware that installs SecurityTool rogue anti-virus software, whilst Trojan.Win32.Agent is a trojan downloader that downloads a wide variety of malcode.

Commenting on the latest monthly results, Tom Kelchner, Sunbelt's software research centre manager, said that, whilst there is a continued high volume of Trojan downloaders, the level of generic detections has steadily increased over the past few months.

This, he explained, highlights the importance of behavioural testing via a `sandbox' methodology to stop malicious applications without individual signature updates.

"This is a good strategy for stopping zero-day malicious code, or previously unknown malware, which is being generated by the bad guys with more frequency", he said.

What’s Hot on Infosecurity Magazine?