
Trojan Takes First Place in Top 10 List of Malware

By Jennifer LeClaire
Jan 3, 2005 3:04 PM PT

A Trojan dubbed "Downloader.GK" caused the most damage to computers in 2004, marking the first time a worm hasn't occupied the top spot, according to Panda Software.

This signifies an important change in the impact that malicious code is having on computers, the company concluded.

Downloader.GK is blamed for 14 percent of all attacks last year, according to data gathered via Panda ActiveScan, a free online scanner.

Preventative Measures

This Trojan doesn't spread of its own accord, but is downloaded onto computers when unsuspecting users visit certain Web pages and accept the installation of a specific ActiveX control. Downloader.GK installs and runs two adware programs on the computers it infects.

Identifying malware is one thing, but preventing it is another, according to Ken Dunham, the director of malicious code research at iDefense, a Reston, Virginia-based threat intelligence firm. He pointed to the "Scob" Trojan, also known as "Download.Ject," attack of last summer as an example. It might not be on the top 10 list, but it is a sophisticated attack that plagued the Web for weeks, planting adware on computer desktops.

"Scob was a very sophisticated and complicated attack and many people still don't understand what took place there," Dunham told the E-Commerce Times. "What comes natural is to react to the next worm and come out with a fix. What is much more difficult to do well is to know the hackers and know what they are working on and how they operate to put together the whole threat picture. We need to see how all the dots are connected and what is coming next."

The Scob attacks have been attributed to a Russian hacking group known as the "hangUP team." They attacked Microsoft Internet Information Services Web servers to distribute the Trojan horse program. Dunham said international crime rings often include hackers who speak multiple languages, making it hard to track them down.

Malicious Conclusions

Scob aside, since it first appeared in June 2004, the Downloader.GK Trojan has been the malicious code responsible for the most attacks on users' systems, replacing worms as the primary threat and heralding a dangerous new trend in malware, with Trojans on the increase. This is also evident in the fact that four entries on Panda's Top 10 list are also Trojans; in 2003, there were two, and in 2002 just one.

Three of the Top 10 are members of the Netsky family (the P, B and D variants). The three share a number of characteristics, and as with many worms, they all spread via e-mail in messages with variable characteristics.

Four of the malicious codes in this year's Top 10 use vulnerabilities in common software installed on computers in order to carry out their malicious action. This highlights the danger that these flaws represent and the need for users to install the patches provided by vendors to fix them.

"It's a tough threat environment today," Dunham said. "You are starting to see warlords appear in different locations carving out their territory, and they are very well organized. I don't think it will be long before we start to see more organized turf wars and more sophisticated attacks coming to the attention of people in the public light."
