Avira Malware File-Extension Statistics

[A Guy]

Malware is a generic term for trojans, viruses, worms, keyloggers, rootkits and other malicious code. The Avira blog has posted an interesting statistic about the malware that gets distributed by urls either in emails, on websites or other ways. Most computer users probably associated file types like exe as dangerous when they encounter them on websites or in emails and might be surprised that those files only make up 53% of the file extensions used.

Followed by no file type at all (e.g. pointing the user to a root url or directory) with 18.99%, the txt file extension with 10.37% and php with 6.56%.

This requires some explanation. Most users would probably agree that text files are harmless. This is not always the case especially when it comes to links as links can be redirected easily. But attackers can also rename an executable to txt and use malicious code on a website to run the file.



The statistics basically points out that while the standard file (exe) associated with a computer virus is making up more than 50% of all attacks it is of equal importance to understand that harmless looking files and links can be malicious as well.

The safest bet is still to avoid clicking on links or attachments in emails. A sandboxed environment or a virtual PC are two secure alternatives if the link needs to be clicked on.

http://www.ghacks.net/2010/01/29/avira-malware-file-extension-statistics/

A Guy

[safeguy]

The safest bet is still to avoid clicking on links or attachments in emails

I agree...whenever I get links/attachments from unknown sources...I just delete that email.

[noaccount]

hmm, rar is on the rise... interesting

[Ranjan]

I agree...whenever I get links/attachments from unknown sources...I just delete that email.

or better use a mobile phone if you are curious about the attachment or any link..

[Bluedot]

or better use a mobile phone if you are curious about the attachment or any link..

If you didn't know, malware DOES spread through mobile phones nowadays.

And the I like the Sandbox idea..you can open the file but it won't actually harm you. Or better still, as Safeguy suggested, just delete the mail if you don't trust it.

[Ranjan]

If you didn't know, malware DOES spread through mobile phones nowadays.
And the I like the Sandbox idea..you can open the file but it won't actually harm you. Or better still, as Safeguy suggested, just delete the mail if you don't trust it.

I forget to say one thing. If You use a java phone, then you can open the suspicious links or attachments... This is not in case of smartphones...

[Ceyfer √]

The safest bet is still to avoid clicking on links or attachments in emails. A sandboxed environment or a virtual PC are two secure alternatives if the link needs to be clicked on.

Well if .exe ( malware carrier ) is the problem, I will add Anti-executable program as the other option.

[noaccount]

Well if .exe ( malware carrier ) is the problem, I will add Anti-executable program as the other option.

what about the problem they refer, if exe is renamed to something else... will it work?

[Ceyfer √]

what about the problem they refer, if exe is renamed to something else... will it work?

But attackers can also rename an executable to txt and use malicious code on a website to run the file.

Double extension: readme.txt.exe

AE will stop any or at least a majority executable format.

[safeguy]

@Ranjan

It's true but isn't recommended

@ceyfer

I've always unchecked 'hide extensions for known file types'...doesn't that help? Anyway, which anti-executable program would you recommend?