As it does every month, PandaLabs has drawn up the list of the ten viruses most frequently detected by ActiveScan, the free online antivirus solution from Panda Software.
As happened throughout 2006, the January Top Ten is headed by Sdbot.ftp, a generic detection of the script used by some malicious code to exploit certain vulnerabilities and download a sample of the Sdbot family of worms to targeted computers. Torpig.A remains second in the list, a position it has held since last October. Torpig.A is a Trojan designed to steal confidential information from computers, including passwords saved by certain Windows services.
There has been some variation in the next few positions in the Top Ten, although not very significant. Puce.E, fourth last month, takes third place, whereas Abwiz.A has moved up from fifth place into fourth. The first major change in the ranking comes with the fifth position occupied by PcClient.DU, a backdoor Trojan that didn’t make the Top Ten last month. This code allows attackers to take control of the victim’s computer remotely.
Â
Â
|
Virus |
% of infections |
Previous position |
|
W32/Sdbot.ftp.worm |
1,96 |
1 = |
|
Trj/Torpig.A |
1,46 |
2 = |
|
W32/Puce.E.worm |
1,17 |
4 up |
|
Trj/Abwiz.A |
1,16 |
5 up |
|
Bck/PcClient.DU |
0,99 |
New |
|
W32/Brontok.H.worm |
0,94 |
9 up |
|
Tr j/QQPass.JZ |
0,94 |
3 down |
|
W32/Netsky.P.worm |
0,87 |
8 = |
|
W32/Nuwar.B.worm |
0,68 |
New |
|
W32/Bagle.HX.worm |
0,63 |
New |
Â
Â
Another major change is the fall of QQpass.JZ from third place to seventh, whereas Brontok.H takes sixth place, coming up from ninth position. In eight place remains the old-timer Netsky.P, a worm that exploits certain Internet Explorer vulnerabilities in order to spread.The last two places in the ranking are occupied by two malicious codes not present last month:Â Nuwar.B, a worm that had certain repercussion at the start of the month as it spread in emails trying to pass themselves off as Christmas greetings, and Bagle.HX, a worm that downloads files, malware included, to infected computers and has rootkit features to hide its processes.
“An aspect worth mentioning is the fact that the percentage of computers infected by the codes that occupy the top five positions in the ranking has increased this month. This shows that, despite the sense of security among most users, Internet threats are still present and very active. Moreover, there is the added danger that, lately, the great majority of threats aim at stealing users’ moneyâ€, explains Luis Corrons, Technical Director of PandaLabs.
All users that want to know whether their computers have been attacked by these or other malicious code can use ActiveScan, the free solution available at: http://www.pandasoftware.com/activescan. It will carry out a complete inspection of the computer should there be any hints of infection.
