Computer users warned of unauthorised software cracks and key generators that contain Trojans
SYDNEY, AUSTRALIA – April 6, 2011 – BitDefender® has today released the results from its Australian malware report for Q1, 2011. Malware related to software piracy has been the biggest cause of infections so far this year, with a new Trojan taking the top spot in the total number of infections detected by BitDefender in Australia from January to March, 2011. BitDefender recommends computer users to exercise caution when downloading and installing software from unknown sources, especially those that require the use of often illegal product registration key generators.
Trojan.Crack.I, a rogue application that generates unauthorised product registration keys to defeat the licensing protection of software products, accounted for 8.4 percent of total infections. If your PC is infected by Trojan.Crack.I, it may also collect details of other applications that run on your PC – including user name, product version and registration keys.
Trojan.AutorunINF.Gen, a piece of malware that has been high on BitDefender’s watch list for some time, was the second most prevalent threat during Q1 2011 with 5.2 percent of total infections. It targets the auto-run functionality of removable devices such as USB drives on Windows® PCs and opens it to malicious attacks. The Trojan’s presence in this quarter’s report suggests that many PC users are still not wary of the potential risks of inserting and using USB devices at places such as internet cafes, or to regularly check their USB devices for viruses or malware to ensure it hasn’t been compromised.
Third place in this quarterly malware report belonged to Exploit.CplLnk.Gen – an infection that specifically targets .lnk files (shortcut files) by making use of a vulnerability in Windows® to execute arbitrary code. This exploit has seen a significant boost in the past few weeks and is expected to spread even further. It is also one of the four zero-day exploits that have been intensively used by the Stuxnet worm to compromise local security.
Win32.Worm.Downadup.Gen ranked fourth, with a modest 3.8 percent of total infections this quarter. The worm’s agenda is well-known: it prevents users from accessing Windows® Update as well as security vendors’ web pages, whilst downloading fake antivirus programs onto the compromised machine.
Ranking fifth is Java.Trojan.Downloader.OpenConnection.AI (3.5 percent) – a Trojan that slows down your PC and internet connection speed. It then silently replaces existing desktop shortcuts with new ones, after which it redirects your browser’s homepage and all searches towards pages containing illicit advertising. Last but not least, this malware also writes and sends email messages (containing spam and malware) automatically on your behalf.