Trojans two-thirds of new malware

Johannesburg, 11 Jul 2008

Trojans accounted for more than 63% of all the new malicious codes that appeared during the second quarter of this year, says Panda Security.

The remainder was mostly adware, comprising 22.4% of the total.

"The current malware trend renders it unlikely for a Trojan to infect a large number of computers, as this would attract attention and goes against the interests of cyber-criminals, says Jeremy Matthews, head of Panda's sub-Saharan operations.

"They prefer instead to create numerous different Trojans, targeting users of a specific service or utility, for example, instead of trying to massively propagate a single example.

"This is why Trojans consistently figure as the type of malware with the most individual examples in circulation."

With respect to the virulence of specific examples, the Bagle.RP worm infected most computers, followed by the Puce.E and Bagle.SP worms.

Trojans were also the type of malware responsible for most infections in the second quarter of 2008, accounting for 28.7% of the total. Adware, which held first place in the first quarter of the year, was the cause of 22.03% of infections, and worms were the culprits in 13.52% of cases.

"Trojans are responsible for most infections, but they do it with thousands of different variants. Worms, however, operate in a different way, with perhaps one example being responsible for tens of thousands of infections. That's why in terms of individual malicious code, worms are often the most prevalent," says Matthews.

Banker Trojans

Of all types of Trojans in circulation, those designed to target online banking and payment platforms are by far the most dangerous. These are known as banker Trojans, says Matthews.

The PandaLabs second-quarter report found Sinowal, Banbra and Bancos were the three most active banker Trojan families. Other families, including Dumador, SpyForms, Bandiv, PowerGrabber and Bankpatch, also have numerous variants, while there has been less activity in the Briz, Snatch and Nuklus families of banker Trojans.

"This type of malware is causing serious losses for users around the world, particularly considering the increased use of online banking services. In 2006, in the US alone, there were already 44 million online bank users. This is a tremendous pool of potential victims for cyber-crooks. If criminals managed to steal just $100 from 1% of them, we would be talking about a haul of $44 million. And this is a very conservative estimate. The reality could be much worse," says Matthews.