X

Microsoft sees big jump in Trojan downloaders

Latest security report from Microsoft says Trojan downloaders based on e-mail scams rose 300 percent in the second half of last year.

Elinor Mills Former Staff Writer
Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service and the Associated Press.
See full bio
Elinor Mills
2 min read

Computer users are increasingly at risk of being lured to Web sites that surreptitiously download malicious software onto their machines, but stolen or lost laptops still represent most of the security breaches reported, according to a new Microsoft report.

Exploits, malicious software, and hacking accounted for 13 percent of all security breach notifications recorded in the second half of last year, while 57 percent of the breaches publicly disclosed involved lost or stolen equipment, the latest six-month Microsoft Security Intelligence Report says.

"Physical security involving personally identifiable information (breaches) far outweighs Internet and virus-related 'soft' scenarios," said Jimmy Kuo, principal architect of the Microsoft Malware Protection Center.

Of the malicious software attacks, there was a 300 percent increase in the number and proportion of Trojan downloaders and droppers that were detected and removed, according to the report.

Win32/Nuwar, also called the Storm Worm, is an example of a Trojan dropper. It arrives in an e-mail, enticing recipients to visit a Web site, and then installs a Trojan on the computer that provides back-door access. The worm has been continually updated to avoid detection and now more than half a million systems have been infected worldwide creating a botnet, the report says.

Detection trends in potentially unwanted software, 1H06-2H07, by percentage. Microsoft

In another popular Internet attack, people are duped into buying fraudulent or nonexistent security products from rogue companies that instead take the money and sell the credit card information to others. The attackers get the consumer's attention with ads that claim that the computer is vulnerable to hackers and offer to clean it up.

Hackers are also sneaking malware into banner ads that get distributed via online ad networks and end up on high-profile Web sites, Kuo says. Adware increased by more than 66 percent during the second half of last year.

Some other statistics from the report:

  • Microsoft's Malicious Software Removal Tool removed malware from one out of every 123 computers each month during the second half of 2007.

  • The number of new vulnerability disclosures during the final six months of last year declined by 15 percent, representing the fewest disclosures in two years, while total vulnerability disclosures dropped by 5 percent overall in 2007.

  • More than 75 percent of the active phishing pages, which lure e-mail recipients to a malicious site and ask for personal information, used English-language pages, followed by Italian, Spanish, German, French and Turkish. Phishing attempts are being seen increasingly on social networks, as well.

Computer users are advised to apply software updates regularly, enable a firewall on their system, and install and maintain antivirus and antispyware programs.

On this map, the areas in dark red indicate a higher average malware detection rate, while those in dark green show a lower average detection rate. Microsoft