IT Threat Evolution: Q2 2011

11 Aug
Virus News

After analyzing vast numbers of IT threats during the second quarter of 2011, Kaspersky Lab’s experts identified a number of important trends…

Vulnerability monopoly. For the very first time in its history, the Top 10 rating of vulnerabilities includes products from just two companies: Adobe and Oracle (Java), with seven of those 10 vulnerabilities being found in Adobe Flash Player alone. Microsoft products have disappeared from this ranking due to improvements in the automatic Windows update mechanism and the growing proportion of users who have Windows 7 installed on their PCs.

http://www.kaspersky.com/about/news/virus/2011/IT_Threat_Evolution_Q2_2011

Another reason for me to hate Adobe Flash.

There is a topic here for security news http://forum.avast.com/index.php?topic=52252.0

Hi Nesivos,

To give a more practical example of this that suits this forum section,
consider this Analysis Report from Anubis:
http://anubis.iseclab.org/?action=result&task_id=1673e4ac35592ca8421c0b12f5565dbe3&format=html
Some of the characteristics that struck me there in the Anubis analysis were: ​

1. Cache\​Extensible Cache\​MSHist012011021420110221
   for example found with Keylogger adware code; XSS attack code;
2. NodeSlots 0x020202020202020202020202020202020202020202 attack code;
3. CachePrefix :2011021420110221: also found with Trojan OneScan
4. Multimedia Update code;
5. WDUF49AN comes from SpeyeEye code;
6. !SHMSFTHISTORY! mutex deom EMOGEN malware;
7. Shell.CMruPidlList is a mutex found in Exploit Kit code;
   & ie5!mshist012011021420110221! mutex also found in Fud Keylogger,
   This here just to mention a few examples.

Unknown - The file is not an (PE) executable and cannot do any harm,
but I am not completely sure as when it could connect.
Anyway all reported by me to virus AT avast dot com for further analysis,

polonus