August 2009

PC Users Threatened by Conficker Worm and new Internet-browser Modifier

• Conficker most widespread generally
• New Threat, Win32/FlyStudio most widespread in China
• High share of threats exploiting MS Windows autorun.inf function

For the month of July, ESET's statistical threat evaluation system - ThreatSense.Net has evaluated the variant of Win32/Conficker worm as the single most widespread form of malware with a share of 10.67% globally. Other forms of malware still spreading on a mass scale include the types such INF/Autorun , exploiting the MS Windows autorun.inf function. Their share of 8.39% places them second on ESET's threat list. Third place (7.92%) went to a family of Win32/PSW.OnLineGames Trojans and their variants especially targeting online gamers.

Win32/Agent designed to steal information from PCs placed fourth with 2.59%. The newcomer - Win32/FlyStudio closes the top 5 list with 2.38% share of threats detected. The Win32/FlyStudio threat is designed to modify information inside the victim's Internet browser. This threat will modify search queries, with the intention of delivering advertisements to the user. Win32/FlyStudio uses a scripting language popular among malware writers and ranks among the most widespread threats China. USA, Mexico and Argentina are also among countries with high occurrence rates of this type of malware.