Malware for May 2010 reveals Achilles’ heel of internet
Today security specialist G Data publishes May’s top 10 IT security threats. JS:Pdfka-OE [Expl], a piece of malware that exploits a vulnerability in PDF files, is at the top of the chart again this month. Remarkably, three pieces of malware from this month’s top 5 turn out to be Trojans.
Eddy Willems, Security Evangelist at G Data, says: “In May, we have found more Trojans than in April. We saw an increase in both the total number of Trojans, as well as an increase in types of Trojans in this month’s top 10.” This fact does not take Willems by surprise: “This tactic is literally ancient: its effectiveness was proven in ancient Greece.” The level of success of this and other malware concerns Willems: “The fact that malware still flourishes finds its cause in the users. They oftentimes don’t secure their PCs sufficiently and too often postpone installing software updates. At the same time, many of them fall into the traps of cybercriminals, who are still improving their social engineering tricks.” Willems concludes: “Slackness and curiosity may turn the user into the Achilles’ heel of the internet.”
Information about the five most important threats of May:
JS:Pdfka-OE[Expl]
This is an exploit that tries to take advantage of vulnerabilities in the JavaScript engines of PDF programs. The user needs to open a PDF for the exploit to start. If the exploit succeeds in compromising the victim’s computer, more malicious content is brought to the machine.
WMA:Wimad[Drp]
This Trojan dropper pretends to be a legitimate audio file in .wma or other multimedia formats such as .mp3 or .wmv. If it is played back with Windows Media Player, it opens a website and asks the user to download decoder/codec software. Executing the file enables more malware to attack the PC. The infected files are often spread via P2P networks.
Worm.Autorun.VHG
A worm that propagates with the help of the autorun.inf function on Windows operating systems. It uses removable storage devices, such as USB sticks and portable HDDs. It is an internet and network worm and exploits the Windows vulnerability CVE-2008-4250.
Trojan.PWS.Kates.Z
This is a Trojan that specializes in stealing confidential details, essentially passwords. An infection with a Trojan of the Trojan.PWS.Kates family results in .bat and .reg files not being executable. Windows Explorer shuts down as soon as the user tries to launch regedit.exe, cmd.exe or the program TotalCommander.
Win32:MalOb-BD [Cryp]
This Trojan lowers the security settings of infected systems and downloads more malware. It is related to fake antivirus software, bots, ransomware and many other malicious and fraudulent activities.