December 2008
Beware of Fake Antivirus Products, According to BitDefender Labs▓ Top E-Threats in November
Fake applications and ad-serving Trojans dominate the wild
Fake antivirus products dominate November▓s top ten e-threats, according to BitDefender╝. Variants of the FakeAntivirus Trojan filled the first three positions, totaling 37-percent of November▓s top e-threats. Links to this e-threat are spread through various sources (spam, hidden redirections on shady webpages and malware already present on your computer).
When the FakeAntivirus Trojan is run from a malicious webpage, a "scan process" begins which takes about 10 seconds. During this time the "scanner" detects an enormous amount of infections - thousands of malicious files. The names of the "found" viruses are taken off lists from antivirus companies. The fake antivirus then demands money to remove the "malware" it found.
The other dominant e-threat of the month was the Wimad Trojan downloader, another fake application. The Wimad Trojan downloader claims to be an mp3 player, or a "codec." The actual file it downloads is an adware called Adware.PlayMP3z, which didn't make the top ten (having been blocked from downloading by BitDefender products).
Other notable threats of the month are Clicker.CM, in fourth place, an ad-serving Trojan, whose only claim to fame is that it was coded to bypass the Norton Internet Security pop-up blocker. At 6.2% of detections, its threat level has remained constant over the past three months, hovering around 6%.
Ranked 9th with a sizeable 2.19-percent detection, the first-ever detected variant of the Zlob Trojan backdoor proves itself to be the most widespread. Tenth place is taken over by Exploit.HTML.Agent.AQ, a javascript used to exploit a vulnerability in how Microsoft products parse VML. The exploit is usually placed in malicious or compromised webpages, or in HTML formatted e-mails, as the Outlook e-mail client is also vulnerable. Its only purpose is to download and execute malware on the infected computer.
"As the FakeAntivirus Trojans have dominated the top malware in November, it is important for computer users to be more aware of the links and webpages visited √ only opening e-mails from known senders and visiting known, secure websites,■ commented Head of Antivirus Labs, Sorin Dudea for BitDefender. ⌠However, spam and webpages are just part of the problem, which is why it is essential users ensure their computers are malware and virus free by running daily scans, using a trusted security solution.■
BitDefender▓s November 2008 Top 10 E-Threat list includes:
| Pos | Name | % |
| 1 | Adware.FakeAntiVirus.L | 14.38 |
| 2 | Adware.FakeAntiVirus.M | 11.52 |
| 3 | Adware.FakeAntiVirus.K | 11.15 |
| 4 | Trojan.Clicker.CM | 6.20 |
| 5 | Trojan.Downloader.Wimad.A | 4.95 |
| 6 | Trojan.Wimad.Gen.1 | 3.72 |
| 7 | Trojan.Downloader.WMA.Wimad.N | 2.82 |
| 8 | Trojan.Downloader.WMA.Wimad.S | 2.28 |
| 9 | Trojan.Downloader.JS.Zlob.A | 2.19 |
| 10 | Exploit.HTML.Agent.AQ | 1.62 |
| OTHERS | 39.17 |
About Bitdefender®
Bitdefender is the creator of one of the world's fastest and most effective lines of internationally certified internet security software.Since 2001, the company has been an industry pioneer, introducing and developing award-winning protection. Today, Bitdefender technology secures the digital experience of around 400 million home and corporate users across the globe.
Recently, the company has won a range of key independent recommendations in the US, UK and across Europe, including ConsumerSearch, Which?, Stiftung Warentest and Taenk. Bitdefender antivirus technology has also finished top in leading industry tests from both AV Test and AV-Comparatives. More information about Bitdefender's antivirus products is available from the company's security solutions press room. Additionally, Bitdefender publishes Malware City providing the latest updates on security threats and helping users stay informed in the everyday battle against malware.