Security News
May Virus Top 10
Mon, 16 July 2007
Winds of change
Avira presents today the malware hierarchy for May, based on statistic data and antivirus experts’ points of view. The difference between Netsky and Stration.Gen becomes smaller and smaller every month. PosteItaliane became the new leader of phishing rankings.
May was the month of surprises and we expect that in the next period we will confront with significant changes - new types of malware and new techniques of deceiving people.
After it's disappearance at the beginning of 2006, Sober has returned to infect gullible users. On 4 May, a new version of the Sober was discovered inside emails with subjects such as "your password was changed!" or "your account was set up!". AntiVir has detected Worm/Sober in advance with the heuristic as "Worm/Sober.GEN" and with the update of the virus definition file as "Worm/Sober.AB".
Another threat discovered in May, which is also a veteran, is the Trojan distributed via fake LKA emails. In the email that pretended to be from the LKA Rheinland-Pfalz (State Office of Criminal Investigation of Rhineland-Palatinate) the recipient is accused of having downloaded copyrighted material from the Internet at swap meets. The Trojan was detected with the identity: vdf 6.38.1.92 / ivdf 6.38.1.96 as "TR/Dldr.iBill.AP".
As we said at the beginning of this analyze, TR/Dldr.Stration.Gen is following Netsky.P very closely. The difference between them is only 1 %. Maybe next motnh we'll have another new first threat. The time will tell.
Worm/Womble.D disappeared from our charts and we had a new entry directly to the last position - Sober.Gen, but we already talked about this threat.
In May, the proportion of spam emails reached 83.69 % of all malware trapped. Phishing emails made up to 11.59 % of all viral codes found by Avira and the viruses represented 4.72%.
Here is a shot of our May Virus Top 10:
|
|
For technical information on any of these worms, please see the detailed descriptions on the Avira website. Also, please keep in mind that all Avira users are perfectly protected against these threats.
Make sure you update your Avira product on a regular basis in order to detect the latest threats.
|
After a long time, the phishing hierarchy has a new number-one target of phishing authors - the phishing attack of
PosteItaliane. As we anticipated last month, when PosteItaliane just entered into our phishing charts directly on the third position, this phishing attack goes sky high on our phishing rankings with 41.33 % of all phishing attacks.
And the new entry of this month is the phishing La Caixa. Also, is interesting that PayPal is now on the third position after Ebay.
|
|
For more information on how to recognize a phishing fraud, take your time to read our dedicated page |
In May the new targets of phishing attacks were: 1st United Services Credit Union,
America's Credit Union, Banca RASBANK, CareerBuilder, Commerce Bank,
Postbank.nl, State Department Federal Credit Union, Heritage Oaks Bank, North Island Credit Union, Black Hills Federal Credit Union, Pentagon Federal Credit Union, Rainbow Federal Credit Union, Openbank, Southeast Financial Federal Credit, Utah Community Credit Union and
Warren Federal Credit Union.
Avira strongly recommends all users to be careful with suspicious emails and unexpected attachments, no matter what interesting subjects they might claim to be carrying and to update their security product on a regular basis.
For more information on how to recognize a phishing fraud, take your time to read our dedicated page:
http://www.avira.com/en/threats/what_is_phishing.htmlRemember that we are here to assist you against the malware threat. Get rid of your doubts when facing a suspect file: just send it to and we will analyze it for you. Take a moment to see how to submit malware and then follow our instructions to send the suspicious file:
http://www.avira.com/en/support/submit_suspicious_files.html
Virus threats 
Print this page
.gif)
