Hackers use common packing methods to infect users

BitDefender Lab's latest malware list highlights common packing methods used by hackers.

A variety of threats, rather than a specific virus, features in the BitDefender Top 10 Malware List for February 2008. When grouped together by BitDefender virus detection engines, it was noted that all the threats used the same packing method.

"Virus writers use packers to decrease the size of the virus and to increase the cost of analysis - unpacking something packed in an as-yet unknown manner takes a lot of time and skill," said Sorin Dudea, head of BitDefender AV Research.

The Peed/Storm Trojan accounted for 16.88% of total detections, a strong resurgence given its absence from the January Top 10 Malware List.

The "popularity" of the Windows WMF vulnerability decreased as viruses using its signature accounted for 5.33% of total detections.

Lower on the list are a host of much older mass mailer viruses, on their way to irrelevancy, said BitDefender. These viruses account for approximately 6% of total detections - more than half of which are a result of Netsky.P.

"By this point, I think it is safe to say that Netsky.P is the most widespread mass mailer virus of all time," said Dudea.

BitDefender's February 2008 Top 10 malware list:

1. Packer.Malware.NSAnti.K 37.07%

2. Trojan.Peed.Gen 16.88%

3. Exploit.Win32.WMF-PFV 5.33%

4. BehavesLike:Trojan.Downloader 5.21%

5. Win32.Netsky.P@mm 3.36%

6. Win32.Parite.B 2.93%

7. Win32.NetSky.D@mm 0.92%

8. Win32.Netsky.AA@mm 0.88%

9. Win32.Nyxem.E@mm 0.69%

10. Trojan.Pandex.G 0.65%