Hackers use common packing methods to infect users


Hackers use common packing methods to infect users

Antony Savvas

BitDefender Lab's latest malware list highlights common packing methods used by hackers.

A variety of threats, rather than a specific virus, features in the BitDefender Top 10 Malware List for February 2008. When grouped together by BitDefender virus detection engines, it was noted that all the threats used the same packing method.

"Virus writers use packers to decrease the size of the virus and to increase the cost of analysis - unpacking something packed in an as-yet unknown manner takes a lot of time and skill," said Sorin Dudea, head of BitDefender AV Research.

The Peed/Storm Trojan accounted for 16.88% of total detections, a strong resurgence given its absence from the January Top 10 Malware List.

The "popularity" of the Windows WMF vulnerability decreased as viruses using its signature accounted for 5.33% of total detections.

Lower on the list are a host of much older mass mailer viruses, on their way to irrelevancy, said BitDefender. These viruses account for approximately 6% of total detections - more than half of which are a result of Netsky.P.

"By this point, I think it is safe to say that Netsky.P is the most widespread mass mailer virus of all time," said Dudea.

BitDefender's February 2008 Top 10 malware list:

1. Packer.Malware.NSAnti.K 37.07%

2. Trojan.Peed.Gen 16.88%

3. Exploit.Win32.WMF-PFV 5.33%

4. BehavesLike:Trojan.Downloader 5.21%

5. Win32.Netsky.P@mm 3.36%

6. Win32.Parite.B 2.93%

7. Win32.NetSky.D@mm 0.92%

8. Win32.Netsky.AA@mm 0.88%

9. Win32.Nyxem.E@mm 0.69%

10. Trojan.Pandex.G 0.65%

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy