Sunbelt Software Announces Top 10 Malware Threats for December

Stats from leading anti-malware developer find that Trojan horse programs continue to be pervasive within malware landscape

Jan 04, 2010, 10:05 ET from Sunbelt Software

CLEARWATER, Fla., Jan. 4 /PRNewswire/ -- Sunbelt Software, a leading provider of Windows security software, today announced the top 10 most prevalent malware threats for the month of December 2009. The report, compiled from monthly scans performed by Sunbelt's award-winning anti-malware solution, VIPRE® Antivirus + Antispyware, and its antispyware tool, CounterSpy®, is a service of SunbeltLabs(TM).

In December, the malware landscape remained remarkably similar to November, according to Sunbelt Software ThreatNet statistics. In both months, six of the top 10 detections were Trojan horse programs. The top detection for December, Trojan.Win32.Generic!BT, a generic detection for Trojans, made up 18.69 percent of detected malware in the month. It had also been the top detection in November.

"When nearly 20 percent of our detections for the month are a 'bulk' detection like this, it is evident that Trojans are still a huge threat today. They're being used to download a lot of malware, including rogue security products, bot installers and spyware that steal banking passwords," said Michael St. Neitzel, Sunbelt Software vice president of Threat Research.

After holding the top spot on the list for most of 2009, the password-stealing Trojan-Spy.Win32.Zbot.gen held the second position on the list for the second consecutive month, increasing from 6.0 to 6.23 percent of all detections.

Meanwhile, two new detections moved onto this month's top 10 list. Fast Browser Search - a browser toolbar add-on that provides a search box and takes over the default search settings of the browser - with 2.40 percent of overall detections, and Trojan.Win32.Malware - a generic detection of malware that is associated with Trojan horse programs - at 2.23 percent.

"Malicious operators have been using Search Engine Optimization (SEO) techniques in order to lure victims to malicious sites that download Trojans. Their sites place in the top hits in many online search engines when Internet users go looking for current topics in the news," St. Neitzel said.

    Some of the most dangerous web searches in December were:
    -- "Brittany Murphy" (leads to redirect sites selling rogues)
    -- "chromium os download" (leads to rogue download sites)
    -- "New Year's Parades"
    --"Tiger Woods car crash" (sites offer videos with Trojanized video
    -- "Tiger Woods rumors"

The top 10 results represent the number of times a particular malware infection was detected during VIPRE and CounterSpy scans that report back to Sunbelt's community of opt-in users. These threats are classified moderate to severe based on method of installation among other criteria established by SunbeltLabs. The majority of these threats propagate through stealth installations or social engineering.

The top 10 most prevalent malware threats for the month of December are:

    1.  Trojan.Win32.Generic!BT       18.69%
    2.  Trojan-Spy.Win32.Zbot.gen      6.23%
    3.  Trojan.Win32.Generic!SB.0      4.09%
    4.  Exploit.PDF-JS.Gen (v)         3.31%
    5.  Trojan.ASF.Wimad (v)           2.42%
    6.  Fast Browser Search            2.40%
    7.  Trojan.Win32.Malware           2.23%
    8.  INF.Autorun (v)                1.62%
    9.  BehavesLike.Win32.Malware (v)  1.18%
    10. Trojan.Malware                 0.94%

About SunbeltLabs

SunbeltLabs specializes in the discovery and analysis of dangerous vulnerabilities (i.e., security holes, bugs, maligned features or combination of operations) that could be exploited for Internet and email attacks. The research team actively researches new malware outbreaks, creating and testing new threat definitions on a constant basis. For detailed threat research information and to view the top 10 threats in real time please visit SunbeltLabs at

About Sunbelt Software

Headquartered in Tampa Bay (Clearwater), Fla., Sunbelt Software was founded in 1994 and is a leading provider of Windows security software including enterprise antivirus, antispyware, email security, and malware analysis tools. Leading products include the VIPRE(®) and CounterSpy(® )product lines, Sunbelt Exchange Archiver(TM), CWSandbox(TM), and ThreatTrack(TM).

For more information about Sunbelt Software, please visit the company's website at: To learn more about current activities, products, and ideas at Sunbelt Software, please visit Sunbelt's corporate blog at To view this release online, go to

Copyright © 2010 Sunbelt Software. All rights reserved. All trademarks used are owned by their respective companies.

    Contact:       Brian Alberti                Laurie Murrell
                   Davies Murphy Group          Sunbelt Software
                   +1-781-418-2403              +1-727-562-0101

SOURCE Sunbelt Software