Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

Microsoft Security Intelligence Report (July through December 2007) – Key Findings Summary (Australia, Canada, Germany, Japan, Netherlands and Norway)

June 22nd 2008 in Uncategorized

Downloadable here:
http://www.microsoft.com/downloads/details.aspx?familyid=671355c2-4002-4671-8619-95c96c8a897f&displaylang=en&tm


The worldwide average was malware removal from 1 out of every 123 Windows-based computers in the second half of 2007.


Summary – Australia


During each month in the second half of 2007, the Microsoft Malicious Software Removal Tool (MSRT), on average, removed malware from 1 out of every 204 Windows-based computers it was executed on.


Zlob (Trojan) 6.9%
Starware (Potentially unwanted software) 4.4%
Hotbar (Adware) 2.7%
WhenU (Adware) 3.3%
Winfixer (Potentially unwanted software) 2.7%
Agent (Trojan and trojan downloader) 2.6%
All others – 77.7%


Summary – Canada


During each month in the second half of 2007, the Microsoft Malicious Software Removal Tool (MSRT), on average, removed malware from 1 out of every 172 Windows-based computers it was executed on.


Zlob – 6.4%
Hotbar – 4.6%
Agent – 4.2%
Starware – 4.0%
ZangoSearchAssistant (Adware) – 3.1%
WhenU – 3.1%
All others – 73.6%


Summary – Germany


During each month in the second half of 2007, the Microsoft Malicious Software Removal Tool (MSRT), on average, removed malware from 1 out of every 226 Windows-based computers it was executed on.


Zlob – 12.2%
WhenU – 5.9%
Hotbar – 3.9%
Renos (Trojan downloader) – 2.6%
Zango Search Assistant – 2.6%


Summary – Japan


During each month in the second half of 2007, the Microsoft Malicious Software Removal Tool (MSRT), on average, removed malware from 1 out of every 685 Windows-based computers it was executed on.


CnsMin (Spyware) – 8.6%
Zlob – 4.3%
Antinny (Worm) – 3.9%
Rbot (Backdoor) – 3.4%
WhenU – 2.9%
All others – 76.9%


Summary – Netherlands


During each month in the second half of 2007, the Microsoft Malicious Software Removal Tool (MSRT), on average, removed malware from 1 out of every 170 Windows-based computers it was executed on.


Zlob – 7.4%
WhenU – 4.7%
Virtumonde (Trojan and adware) – 3.3%
Hotbar – 3.1%
ConHook (Trojan) – 2.9%
All others – 78.6%


Summary – Norway


During each month in the second half of 2007, the Microsoft Malicious Software Removal Tool (MSRT), on average, removed malware from 1 out of every 160 Windows based computers it was executed on.


Zlob – 12.5%
WhenU – 4.7%
Winfixer – 3.7%
Zango Search Assistant – 3.5%
Hotbar – 3.4%
All others – 72.2%


Other important notes from the key findings summary (all countries)




  • The total amount of malware removed from computers worldwide via the Microsoft Malicious Software Removal Tool (MSRT) increased over 40% during the second half of 2007 to more than 450 million unique computers worldwide per month.


  • During the second half of 2007 there was a 300% increase in the number of trojan downloaders and droppers detected and removed.


  • The most prevalent rogue security software detected in the second half of 2007 was Win32/Winfixer, with more than five times as many detections as any other single family. Winfixer displays erroneous alerts warning of severe system threats. The program then offers to remove the erroneous detections for a fee. These warnings appear under multiple false product names in several different language versions.


  • 129.5 million pieces of potentially unwanted software were detected between July 1 and December 31 2007, resulting in 71.7 million removals. These figures represent increases of 66.7% in total detections and 55.4% in removals over the first half of 2007.


  • Adware remained the most prevalent category of potentially unwanted software in the second half of 2007.


  • The top potentially unwanted software family detected in the second half of 2007 was Win32/Hotbar.

 


Comments are closed.

I have received a copy of a new malvertizement featuring gifttree.com. Analysis reveals two malicious URLs, being: waytotheprofit.com/?cmpid=itlocationstation-appraisals.com/c/index.php? The waytotheprofit.com URL leads us to an adnetserver.com URL which in turns leads us to a german language fraudware site, being diskretter.com (which, by the way, shares IP with A-records and mail servers with several domains including […]

Previous Entry

:o) Source: http://ars.userfriendly.org/cartoons/?id=20080623

Next Entry

Archives