
Panda releases May 'terrible 10'

By Staff Writer, ITWeb
Johannesburg, 23 Jun 2008

Multiple variants of SpamtaLoad are plaguing local computer users, says Panda Security, with the malicious software dominating the security vendor's "top 10" list for May.

Jeremy Matthews, head of Panda Security's sub-Saharan operations, says various SpamtaLoad iterations took eight of the top 10 slots: third and fourth places are held by worm versions, and the remainder by Trojan incarnations.

"Two Spamta variants sit in third and fourth place. These are worms spread by copying themselves, without infecting other files, through exploiting vulnerabilities in file formats or applications. The rest of the top 10 positions are held by the SpamtaLoad family of Trojans," Matthews says.

"Spamta uses a cyclical propagation technique - the worms are designed to distribute SpamtaLoad Trojans through e-mail, which then, in turn, download Spamta worms onto infected PCs that, again, will start to distribute the Trojans," explains Matthews.

"While the viruses themselves do not pose great danger, the motives behind their propagation assume more sinister proportions: cyber-crooks often launch attacks like these to distract attention from far more dangerous, targeted attacks that use more sophisticated, stealthy technology to steal confidential data from oblivious companies and consumers."

The most active malicious threat for the previous month, however, was the Rebooter.J Trojan, which carries out destructive actions on PCs.

"Rebooter.J does not spread automatically using its own means - it needs an attacking user's intervention in order to reach the affected computer," says Matthews.

"The means of transmission used include flash drives, CDs, e-mail messages with attachments, Internet downloads, FTP, IRC channels, and peer-to-peer file-sharing networks."

He adds that the trend of targeting online gamers playing Lineage - a popular Korean medieval fantasy game - continues. In May, Lineage.GYE, a sample designed to steal passwords from online gamers, was the second most active malicious code encountered in SA.

The top 10:
Trj/Rebooter.J
W32/Lineage.GYE.worm
W32/Spamta.QO.worm
W32/Spamta.PZ.worm
Trj/Spamtaload.CK
Trj/SpamtaLoad.BZ
Trj/SpamtaLoad.BT
Trj/SpamtaLoad.BP
Trj/SpamtaLoad.BL
Trj/SpamtaLoad.BH
