Attackers targeting pirated versions of Windows

According to Bitdefender, the majority of threats in January targeted a Microsoft Windows graphics rendering engine vulnerability dubbed MS06-001 that was patched post-Windows Service Pack 2.

"It is probable that there is a large number of un-patched copies of Windows in the wild, mostly pirated versions which cannot download patches as these products cannot be activated and authenticated through Microsoft. Hence the continued 'popularity' of this exploit among virus writers," said Sorin Dudea, head of BitDefender AV Research.

Meanwhile, the trend towards more diverse and stealthier malware is continuing, said Bitdefender.

The long running Netsky.P mass distribution virus ranked second in terms of prevalence, much lower overall but still surviving.

On the spam front, image spam was down to four percent of total spam, however, the variety of image formats used is growing.

Furthermore, stock spam also decreased from 20 percent in December 2007 to three percent in January.

With regard to spammer techniques, this month's innovation is the use of very specific Google search result links (E.g. http://google.com.hk/search?hl=en&q=inurl%3Adecimal****.com+200-1765+West+8th+Ave&btnI=8503752) instead of actual links to the promoted websites, in an attempt to avoid URL-based spam filters.)

"Most of the spam flow is now made up of unique or nearly-unique e-mails. Used increasingly, this creates a need for ever-more sophisticated filters", commented Andra Miloiu, Spam Analyst for BitDefender

The top ten in its entirety is as follows:

Rank Name %
1 Exploit.Win32.WMF-PFV 9.6
2 Win32.Netsky.P@mm 4.4
3 Spyware.Pws.A 4.0
4 Win32.Worm.Sohanat.AJ 2.9
5 Trojan.Dropper.RNY 1.4
6 Win32.NetSky.D@mm 1.2
7 Win32.Netsky.AA@mm 1.2
8 Trojan.Kobcka.CG 1.1
9 Win32.Nyxem.E@mm 1.0
10 Trojan.Pandex.AC 0.9
OTHERS 72.3

bitdefender malwaremicrosoft windowspatch managementpirate patchsecuritysp2 xp