System Diary Technology News Blog

The company ESET said that in June, with the help of early-warning systems ThreatSense.Net was recorded increased activity of the Trojan JS / TrojanDownloader.Pegel.BR.

This malware is a script that is added to the Web page and automatically redirect visitors to infected sites. After this occurs downloading and execution of malicious code on vulnerable computers. This threat, known as specialists ESET as JS / TrojanDownloader.Pegel.BR, distributed throughout Europe very rapidly. As a percentage equivalent to the total number of infected computers, its share is already 2.29%, which ensured Troyan fifth place in the world ranking of threats. Despite the fact that malware JS / TrojanDownloader.Pegel.BR had not yet spread in Ukraine, experts strongly recommend ESET Ukrainian users to be extremely careful when downloading files from the Internet network.

In June, the family Conficker continues to be active. Win32/Conficker which holds monthly palm among malicious software in the world (9,79%) and Ukrainian (19.42%) ratings of threats. This worm spreads through the vulnerability of Windows, which is located in the subsystem RPC (RPC), as well as through unprotected public folders and removable media. Also widespread is the threat of INF / Conficker – another representative of the famous family. Using the file autorun.inf, this malware is circulating last variation Conficker worm to infect PCs. A large number of infected computers around the world and in Ukraine, including (1,47% 1,66%, respectively, and) provides this threat lidiruschie positions in ratings of malware.

Experts strongly recommend ESET users to reliably protect personal data, because they do not concede its position such threats as Win32/Agent, Win32/PSW.OnLineGames and Win32/Tifaut, designed to steal confidential information. Users should also beware of malware INF / Autorun, which uses the opportunity to autorun on removable storage media and runs malicious code every time you connect a removable storage media to the computer, as well as “novelty” of last month – Win32/Sality, predstavlyauschuyu a polymorphic virus that modifies the EXE and SCR files and disables antivirus programs.

The beginning of summer could not “please” users with new viruses. In the top-10 world ranking of threats in June, presented two “novelties» – Win32/Qhost (1,16%), and HTML / ScrInject.B (0,84%). Trojan Win32/Qhost distributed via e-mail and gives hackers access to infected computers. Before starting this threat copies itself to the folder Windows% system32%, and then modifies the host file to redirect traffic to the domains of the attacker. The threat of HTML / ScrInject.B detects HTML web pages with confusing scripts or IFRAME tag, which automatically redirect to malicious software downloads.

You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.