Region-specific malicious codes and Trojans pose the top threat to online security, today, according to AhnLab Inc., a provider of integrated security solutions. In the April issue of the ASEC Report (available now),the AhnLab Security Emergency Response Center details major security trends for the first quarter of 2011.

Region-Specific Malicious Codes

Instead of a generic, one-size-fits-all approach, variants of malicious codes are increasingly being built for different regions according to the ASEC Report. During the first quarter of 2011, variants of well-known malicious codes including Conficker, Bredolad, Autorun, Virut, and Sality were reported in multiple countries. Additionally, rogue antivirus programs, appearing in a user's local language, were also widely reported. These programs trick users into believing their PC's have multiple infections that can only be removed by purchasing fake fixes. Based on a user's location, the graphical user interface of these programs is automatically translated to the local language adding to their apparent authenticity.

Trojans Rank as Most Reported Malicious Code

Based on a sampling study of users in Korea, Trojan remains the most reported malicious code at 53.1%, followed by worm at 12.3% and script at 8.4%. Trojan was also the most reported among new malicious codes at 85%, followed by adware at 7% and dropper at 4%.

The top five most reported malicious code (and code variant) categories include Trojans such as: Win-Trojan/Overtls15.Gen, Win-Trojan/Patched.CR, Win-Trojan/Onlinegamehack, Win-Trojan/Downloader, Win-Trojan/Agent, and Win-Trojan/Winsoft.

The most reported new malicious code was Win-Trojan/Overtls15.Gen (618,379 reports/17.2%), followed closely by Win-Trojan/Patched.CR (581,656/13%) and Win-Trojan/Overtls11.Gen (570,302/12.7%).