CartBitDefender researchers released today the roundup of May's most widespread malware on personal computers
In second place there's Trojan.Downloader.WMA.Wimad.N, which, despite the complicated-sounding name, actually serves a very simple function : to load another piece of malware. It does it by pretending to be a helper app that will download a "codec" to play a "special type" of WMA file. Once the user is tricked, it downloads and runs Adware.PlayMp3z.A, an application meant to take personal information from the clients computer and use it in marketing or suspicious practices. When executed, the adware even displays a pop-up with an EULA, in an attempt to convince users of its legitimacy.
Ranked first, Trojan.Clicker.CM is a popup-serving baddie which seems to be well served by its Norton-avoidance code (it is programmed to be able to get around Norton's popup blocker).
Trying to avoid antivirus software seems to be quite the fad, as in third place there's a trojan that serves only one purpose: to prevent BitDefender from updating its virus signature database. It does this, quite simply, by modifying the infected machine's hosts file. Obviously, the trick only works on machines which don't have the BitDefender on-access scanner started.
"It just goes to show that it doesn't pay off to turn off your protection - not even for a little while" commented Sorin Dudea for BitDefender.
The NSAnti malware packer is still in the top ten, racking up percentage points due to the sheer number of malware authors who still try to hide their creations using it.
A strange appearance, in tenth position, is a rather old exploit targeting a bug in the way Microsoft windows handles cursor and icon files, one that could allow attackers remote access. The bug has long since been patched, but it would seem there's still a lot of malware that includes the exploit code "just in case".
| Rank | Name | % |
| 1. | Trojan.Clicker.CM | 8.03 |
| 2. | Trojan.Downloader.WMA.Wimad.N | 7.26 |
| 3. | Trojan.Qhost.AQR | 3.38 |
| 4. | Trojan.FakeAlert.PP | 3.25 |
| 5. | Trojan.HTML.Zlob.AA | 2.66 |
| 6. | Trojan.HTML.Zlob.W | 2.64 |
| 7. | Trojan.Autorun.EU | 2.3 |
| 8. | Packer.Malware.NSAnti.AD | 1.96 |
| 9. | Trojan.Downloader.JS.Agent.OL | 1.73 |
| 10 | Exploit.Win32.MS05-002.Gen | 1.61 |
About BitDefender®
BitDefender is the creator of one of the industry's fastest and most effective lines of internationally certified security software. Since our inception in 2001, BitDefender has continued to raise the bar and set new standards in proactive threat prevention. Every day, BitDefender protects tens of millions of home and corporate users across the globe — giving them the peace of mind of knowing that their digital experiences will be secure. BitDefender solutions are distributed by a global network of value-added distribution and reseller partners in more than 100 countries worldwide. More information is available on our security solutions' site.