Malware report reveals popularity of Windows shortcut exploits

The Conficker worm continues to top the Kaspersky charts
The Conficker worm continues to top the Kaspersky charts

Of the top 20 malicious programs detected by Kaspersky, exploits targeting the Windows shortcut vulnerability outlined in CVE-2010-2568 were among the most prolific newcomers to the security vendor’s malware list.

Stuxnet worms designed to exploit the Windows vulnerability took home 9th and 12th place among the top 20, with a trojan dropper used to spread the Sality virus coming in at 17th. This is according to a recent blog posting by Kaspersky’s Vyacheslav Zakorzhevsky.

The exploit, which prompted Microsoft to issue an emergency patch, “generates vulnerable LNK shortcuts with names designed to attract attention and spreads these across local networks”, Zakorzhevsky said. “The malware is launched when a user opens a folder containing one of these shortcuts.”

He also added that the main objective of the trojan dropper (Trojan-Dropper.Win32.Sality.r) is to install the latest, modified version of the Sality virus, a piece of malware that came in 16th on the list.

Another noteworthy finding includes the continued proliferation of Conficker variants being tracked by Kaspersky. Unchanged from the previous month’s data, the firm said the worm’s variants continue to hold three of the top four positions on its malicious programs list, including the number one spot.

What’s Hot on Infosecurity Magazine?