Comparison: Top malware threats

All Spammed Up published a post this week highlighting the top seven malware threats for that (May 3).  Here they are:

1. MyWebSearch (delivers rogue pop-ups, tracks surfing)
2. Vundo (Rogue A/V, information stealer)
3. Dr. Guard (Rogue A/V)
4. OnLineGames (password stealer for MMORPGs)
5. TDSServ (rootkit to conceal identity)
6. DoubleD (rogue pop-ups, browser redirection)
7. Koobface (rogue pop-ups, delivers other malware)

According to the Microsoft SIRv8, they list the following top 7 threats in the corporate environment:

1. Conficker (worm)
2. Taterf (password stealer for MMORPGs)
3. RealVNC (miscellaneous potentially unwanted software)
4. Autorun (worm)
5. Renos (trojan)
6. Hamweq (worm)
7. Agent (trojan)

For the home environment, below are the top 7 threats for the second half of 2009:

1. Taterf (password stealer)
2. Renos (trojan)
3. FakeXPA (rogue A/V)
4. Alureon (trojan)
5. Frethog (password stealer)
6. BaiduSobar (miscellaneous potentially unwanted software)
7. GameVance (Adware)

Of these, the only ones common to both lists are Taterf and Renos.  Domain-joined computers were much more likely to encounter worms than non-domain computers, due in large part to the way worms propagate. Worms typically spread most effectively via file shares and removable storage volumes, both of which are often plentiful in enterprise environments, and less common in homes. In contrast, the Adware and Miscellaneous Trojans categories are much more common on non-domain computers.

The threat landscape, for malware, differs for home users compared to enterprise users.  I’ve never seen any study that compares the spam spewing out of home users vs enterprise users, but it’d be an interesting one (to me, anyway).