According to Sunbelt Software’s monthly listing of the most ubiquitous malware and spyware attacks, an entirely new family of threats emerged rapidly during October.
Based on the company’s research, which is aggregated using data filtered by its AV and anti-spyware technologies, Sunbelt’s report of the top ten most prevalent attacks during the month includes INF.Autorun threat, one that has not previously appeared on its radar.
“The INF.Autorun [attack] is a generic family of threats that use Autorun.inf files to automatically launch backdoors, Trojans, and Trojan downloaders when certain files or folders are accessed by the user. After execution, these malicious files will usually download additional malware to the compromised box,” Sunbelt said.
The company’s top ten most prevalent spyware threats for the month of October, in order, were:
-Virtumonde -Adware.NetAdware.Gen -Trojan.FakeAlert
In addition to the newly-arrived family, attackers continue to hammer on the time-honored angles of fake multimedia codecs and phony AV programs as they try to sneak their wares onto end users’ machines.
And, as we know, if the well-established tactics mentioned above didn’t work, the bad guys would have likely already moved onto something else that did, and they haven’t, so people are probably still taking the bait in large numbers.
Some recent reports, one published by the CSIA in particular, have found that end users are at long last becoming more cautious with their computing activity in general, but clearly, there’s still a very long way to go until we see major improvements.
So, unfortunately, at least for now, there’s little reason to think that the month of November will hold anything much different at all.
Matt Hines has been following the IT industry for over a decade as a reporter and blogger, and has been specifically focused on the security space since 2003, including a previous stint writing for eWeek and contributing to the Security Watch blog. Hines is currently employed as marketing communications manager at Core Security Technologies, a Boston-based maker of security testing software. The views expressed herein do not necessarily represent the views of Core Security, and neither the company, nor its products and services will be actively discussed in the blog. Please send news, research or tips to SecurityWatchBlog@gmail.com.