Sunbelt Software announces Top Ten spyware threats for April

By | May 3, 2006

Sunbelt System Software, specialist distributor of business continuity and security solutions for enterprises and SMEs, today announces the top ten most prevalent spyware threats for the month of April. The results are based on the monthly scans performed by Sunbelt´s award-winning anti-spyware product CounterSpy.

“Tro.DesktopScam is on top of the pile for the second month in a row ­ something that hasn№t happened for a long time,” said Ian Masters, UK sales and marketing director at Sunbelt Software. “Spyware writers are constantly evolving their techniques and making their programmes harder to detect and harder to remove. Our excellent database provides us with an early warning system as new variants are detected and our anti-spyware technology is developing at an unprecedented rate as we aim to keep get ahead and keep ahead of the threats.”

The top ten most prevalent spyware threats for April are:

Tro.DesktopScam ­ 2.77%

Virtumonde ­ 1.27%

Looking-For.Home Search Assistant ­ 0.97%

SpywareQuake ­ 0.92%

Command Service ­ 0.85%

180search Assistant ­ 0.82%

BraveSentry ­ 0.79%

EliteMedia ­ 0.78%

AvenueMedia.InternetOptimizer ­ 0.74%

StartPage.TimesSquare ­ 0.73%

Tro.DesktopScam ­ This program is used to trick the affected user into purchasing certain security applications.

Virtumonde

Virtumonde is an adware program that displays pop-up advertisements on the desktop and also downloads other software from various remote servers.

There are many variants of Virtumonde, some with trojan-like behaviors including downloading other software without notice and consent, transmitting information to remote servers without notice and consent, and lowering system security on the infected machine.

Looking-For.Home Search Assistant

Home Search Assistant is an Internet Explorer browser helper object (BHO) that changes the user´s home page and modifies search results. It also spawns pop-ups on the desktop.

SpywareQuake

Removes the user´s access to use Windows Search and replaces it with C:WINDOWSisrvsdesktop.exe.

CmdService

CmdService is an adware application that opens pop-ups and displays various types of advertising on the user´s desktop while browsing web pages.

CmdService is installed by a number of drive-by downloaders, including

IE-Plugin.

180search Assistant

180search Assistant logs the web pages you visit, when you visit them and uploads the data to its servers.

BRAVESentry

BRAVESentry is a purported anti-spyware application to scan for and remove spyware from users´ computers. It is known to be distributed through exploits that also download adware/spyware on users´ computers without notice or consent. When BRAVESentry is downloaded through an exploit, it puts an icon in the system tray and shows a false warning that the computer is infected with spyware. BRAVESentry´s free scan reports multiple false positives in order to frighten the user into paying for the program.

ELITEMedia

ELITEMedia is an adware application that opens pop-up advertisements on the user´s desktop and may be installed though a security exploit and bundled with other adware and malware.

AvenueMedia.InternetOptimizer

Internet Optimizer, also known as DyFuCA, is an adware application that hijacks the user´s browser error page. It opens pop-up windows to display ads from its network sites periodically, also is known to update itself.

The ´DyFuCA Active Alert´ component can open pop-up ´alerts´ when directed by its controlling server at http://www.internet-optimizer.com. This software has been seen to download without notice/consent, bundled with other adware/spyware, during security exploits.

StartPage.TimesSquare

Hijacks the IE start page and search pages and displays ads.

Leave a Reply