The past few weeks we have seen a shift in the threat landscape from bothersome worms with performance-killing propagation, to a rash of financially motivated Trojans and phishing attempts. According to BitDefenders real-time threat report , nine out of ten threats infecting systems were, as of Saturday, July 3rd, Trojans. While Netsky.P is still the top e-mail infector, followed by other varieties of Netsky, Bagle and Zafi, Trojans are infecting users through web sites.
While Trojans do not propagate by themselves like viruses, they can be just as dangerous. As we reported last week, the JS.Scob.Trojan, also known as Download.Ject, downloads a keystroke logger that targets financial and password information. Further analysis of the attack that originates from a compromised web site revealed that the Download.Ject Trojan uses an Internet Explorer vulnerability to drop code on a victims machine. The code in turn downloads a spyware threat in a new form, the Browser Helper Object (BHO) DLL.
Click here for the full story at pcmag.com…