Web domination: that is what has been keeping drive-by-download components busy these past few months, wreaking havoc in every way they can.
Due to these incidents, BitDefender recently listed the top 10 drive-by-download threats that have been pestering users these past few months.
However, before we lay down the list, let me first explain the definition of “drive-by-download.” There are four strict meanings in relation to this expression:
- Downloads which the user indirectly authorized but without understanding the consequences.
- Any download that happens without knowledge of the user.
- Download of spyware, malware or a computer virus that may happen by visiting a website, viewing an email or even clicking a popup window without the user’s knowledge.
- Download of malware through exploitation of a web browser, e-mail client or operating system bug, without any user intervention whatsoever.
Now, here’s the list of the Top 10 Drive-by-download e-threats:
- Trojan.Clicker.CM – First on the list, Clicker.CM displays lots of commercial pop-up windows in the background of the Web browser currently in use, aiming to lure the user into clicking; each click, in turn, generates profit for advertisements registered within a PPC system.
- Trojan.Wimad.Gen.1 – Also known as the Wimad trojan. It masquerades as a player component and exploits the Windows Media Digital Rights technology in Microsoft Windows Media Player.
- Trojan.AutorunINF.Gen – An autorun bug, the category to which the Conficker pest belongs.
- Trojan.Downloader.JLPK – Malware that decrypts functions and downloads 2 more malware files.
- Trojan.Exploit.SSX – It usually appears on sites through SQL injection attacks, which insert an invisible iframe into the once-clean code; the iframe leads the unaware Internet surfer to an “outbreak” infected site.
- Trojan.Downloader.Js.Agent.F – A JavaScript file which inserts a link to a JavaScript line and iframes into clean HTML files.
- Trojan.Exploit.ANPI – It is downloaded from malicious websites or from legitimate websites which were infected through SQL injection attacks.
- Trojan.IFrame.GA – A JavaScript file which gets injected into compromised webpages and sends browsers to a collection of exploits such as Trojan.Exploit.ANPI.
- Trojan.Downloader.JS.Psyme.SR – Uses scripts to download other malware onto the user’s computer by the names GameeeEeee.pif and Gameeeeeee.vbs.
- Trojan.Downloader.WMA.Wimad.S – A disguised application, commonly carrying a media file extension; once run, it prompts the user to download a file named “PLAY_MP3.exe”.
Make sure that your computer is drive-by-download proof: install a trusted and up-to-date security solution like BitDefender 2009. If you are running the previous version of BitDefender, upgrade it now.
Until next time
Malcolm – Your BitDefender Guide




