Library
My library

+ Add to library

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

Your tickets

Profile

Back to the news list

June '07 virus review by Doctor Web

July 1, 2007

June virus and spam review by Doctor Web, Ltd.

Virus Monitoring Service of Doctor Web, Ltd. reports on virus events in June 2007. Virus environment seems to have experienced no dramatic changes last month running its habitual way - relatively calm, with two clearly marked outbreaks of Win32.HLLM.Limar activity. Yet, compared to the previous months when Win32.HLLM.Limar climbed as high as to 70% of the infected traffic, the worm’s new modifications failed to hold this position and ran up to 50% only. Its creators gave up mass diffusion of a particular modification in favor to distribution of diverse modifications. Accordingly, a special record detecting a wide range of such modification was added to Dr.Web virus definitions database.


Win32.HLLM.Limar outbreaks graph

Win32.HLLM.Limar broke through in the fall of June with e-mails titled “Your Information” and “Hey”, although it resulted in no epidemic this time.

The number of online games password stealers noticeably increased. Their creators go out of their way to keep up with corresponding anti-viral tools. It’s no secret that for some users online games are not just entertainment but investment target as well. Huge sums are spent sometimes on additional settings for the characters and artifacts keeping virus writers on their guard. This malware fleets mostly from South Asia. In addition to online game password stealers e-worms like Win32.HLLW.Autoruner, Win32.HLLW.Texmer, Win32.HLLW.Gavir, Win32.HLLW.Creater, Win32.HLLW.Cung increased in number, as well.

Trojan.Plastix sprang up once again disguised as spicy maid shots. It originally spread over as mobile phones recharge codes generator software. The malware distributors seem to stick to the time-proved trick to make the users run the necessary file. In case you find your computer infected by Trojan.Plastix don’t hesitate to call technical Support of Doctor Web, Ltd. to recover your PC.

Spam review

As far as spam events are concerned, June 2007 was marked by a large increase of spam mails with PDF-format attachments - a new trick used to bypass the latest anti-spam filters. You could also see much more commercial spam and mail distribution offers while considerable decline of tourist spam. A few spam waves were recorded during this month. One of them titled "Osho. That’s about all" offered a 6-disk media archive with tons of eastern philosophy.

English spam proves true English steadiness – plastic surgery and medicine has kept the palm for quite a long period.

  • 12128 virus entries were added to Dr.Web virus database in June 2007

Below goes a short summary table online check for this month:

Virus name Quantity
VBS.Psyme.239 564
VBS.PackFor 220
Win32.HLLM.Limar 213
Trojan.Virtumod 160
Trojan.SCKeyLog.20 158
Trojan.Spambot 149
Win32.HLLM.Wukill 105
Win32.HLLW.Autoruner 83
BackDoor.Bulknet 66
Trojan.Peflog.31 64

Below is a summary table of 20 top viruses detected on mail servers protected by Dr.Web in June 2007:

Virus name % of the general quantity
Win32.HLLM.Netsky.35328 19.42
Win32.HLLM.Graz 11.84
Win32.HLLM.Limar 10.65
Win32.HLLP.Sector 9.90
Win32.HLLM.Netsky.based 7.24
Win32.HLLM.Beagle 7.11
Win32.HLLM.Limar.based 6.46
Win32.HLLM.MyDoom.based 6.03
Win32.HLLM.Perf 2.91
Win32.HLLM.Netsky 2.12
Exploit.MS05-053 1.69
Win32.HLLM.Oder 1.28
Trojan.DownLoader.23782 1.24
Win32.HLLM.Beagle.pswzip 1.04
Win32.HLLM.MyDoom.33808 0.92
Win32.HLLM.MyDoom.49 0.79
Win32.HLLM.Netsky.24064 0.78
Win32.HLLM.Generic.391 0.66
BackDoor.Generic.1138 0.57
Win32.HLLM.Netsky.28008 0.55
Other malicious programs 6,8

Tell us what you think

To ask Doctor Web’s site administration about a news item, enter @admin at the beginning of your comment. If your question is for the author of one of the comments, put @ before their names.


Other comments