Johannesburg, 16 May 2012
The latest Microsoft Security Intelligence Report (SIRv12), which outlines malware and other threat trends over the latter part of last year, highlights the top 10 malware and potentially unwanted software families prevalent in SA.
* The second part of each entry is the threat category of the particular family, while figures in brackets represent the percentage of cleaned computers.
1. Win32/Autorun - Worms (18.4%)
2. Win32/Vobfus - Worms (12.1%)
3. Win32/Rimecud - Worms (11.0%)
4. JS/Pornpop - Adware (7.8%)
5. Win32/Keygen - Potentially unwanted software (7.8%)
6. Win32/Virut - Viruses (5.6%)
7. Win32/Nuqel - Worms (5.1%)
8. Win32/Sality - Viruses (5.0%)
9. Win32/Mabezat - Viruses (4.5%)
10. Win32/Conficker - Worms (4.4%)
Topping the list of threats, Win32/Autorun is a family of worms that spreads by copying itself to the mapped drives of an infected computer. The mapped drives may include network or removable drives.
The second most common threat family, Win32/Vobfus, is a family of worms that spreads via network drives and removable drives and downloads or executes arbitrary files. Downloaded files may include additional malware.
Following Vobfus, in third place, is Win32/Rimecud, which is also a family of worms, and has multiple components that spread via fixed and removable drives and via instant messaging. It also contains backdoor functionality that allows unauthorised access to an infected system.
Fourth most prevalent, JS/Pornpop, is a generic detection for specially crafted JavaScript-enabled objects that attempts to display pop-under advertisements, usually with adult content.
Share