One Attack, Two Injuries... An Old Trick That Still Works?

2006 – The first two months of Q3 saw most of the malware take advantage of undetermined vulnerabilities to bring in their partners in crime: other malware. Most of these malware belong to the TROJ_MDROPPER family.


In the third month of Q3, the proliferation of the aforementioned family is unstoppable. On September 1, another variant, named TROJ_MDROPPER.BR, was released; it drops another piece of malware, detected by Trend Micro as WORM_MOFEI.AK, on vulnerable machines. As a result, the routines of the dropped worm are also exhibited on the affected machines.


The partnership attack, which was evident in the NETSKY, BAGLE, FEEBS, and now MDROPPER families, may strike in different ways: worm+HTML, worm+Trojan, script+worm, Trojan+worm, Trojan+backdoor, etc. However, with or without taking advantage of a vulnerability, it is, as a whole, a rather old technique, as Eric Avena has mentioned. Let us not be victims.