News Archive

Virus Top Ten

by msecadm4921

Anti-computer virus firm Sophos reports the top ten viruses and hoaxes causing problems for businesses during July 2005.

The report, compiled from Sophos’s monitoring stations shows that Netsky-P, the worm written by the recently convicted German teenager, Sven Jaschan, tops the charts this month. However, it is the variants of the Mytob worm that are dominating the polls – accounting for seven of the top ten positions and over 37pc of all viruses reported to Sophos in July.

The top ten viruses in July were as follows:

1 W32/Netsky-P 13.9%
2 W32/Mytob-AS 11.6%
3 W32/Mytob-BE 9.3%
4 W32/Mytob-EP 5.5%
5 W32/Zafi-D 3.5%
6 W32/Mytob-CX 3.2% New Entry
7 W32/Netsky-D 3.1%
8 W32/Mytob-CJ 2.6%
9 W32/Mytob-CN 2.6%
10 W32/Mytob-AT 2.3%

Others 42.4pc

What they say

"The sheer volume and range of the Mytob worms sees them hog most positions in the virus chart. It’s not the viciousness of the worm that is the problem, but the constant onslaught of slightly differing variants," said Carole Theriault, security consultant, Sophos. "This month’s only new entry is another family member – Mytob-CX and despite accounting for only 3.2pc of viruses in July, it shows that the Mytob team isn’t about to go away."

SophosLabs, Sophos’s virus, spyware and spam analysis centres, has analysed and provided protection against hundreds of Mytob variants, but new versions continue to be released by virus writers and hackers.

"The Mytob army of malware is one of the biggest we have ever seen," continued Theriault. "The criminals behind these attacks are constantly releasing new viral code to do their dirty work for them."

Most of the variants infect networks via email and many are able to take advantage of known software vulnerabilities, the firm adds. Many versions are also equipped with malicious code that enables them to communicate with the outside world – though Sophos points out that these can be contained by a firewall. Some new variants of the worm have even adopted a trick commonly used by phishers, which directs users to a website, where they involuntarily download a copy of the worm.

"The good news is that although the Mytob army is tricky, it is controllable," added Theriault. "Businesses can tackle these worms so long as they keep multi-layered anti-virus protection, firewalls and security policies fully updated, which will prevent them from turning off the network’s anti-virus protection."

To minimise exposure to viruses, the firm recommends that companies deploy a policy at their email gateway which blocks unwanted executable attachments from being sent into their organisation from the outside world. Companies should also run up-to-date anti-virus software, firewalls and install security patches.

Sophos reports that it identified and protected against 1,380 new viruses in July. The total number of viruses Sophos now protects against is 107,598. Its research shows that 2.1pc, or one in 47 emails, circulating during the month of July were viral – a slight decrease on the previous month, when one in 43 emails were infected.

The top ten hoaxes reported to Sophos during July 2005 were as follows:

1 Hotmail hoax 30.9% 13th month at number one
2 Meninas da Playboy 8.1%
3 Bonsai kitten 7.3%
4 WTC Survivor 5.1%
5 Jamie Bulger 5.0%
6 Budweiser frogs screensaver 4.1%
7 ICE virus hoax 3.7% New entry
8 A virtual card for you 3.0%
9 Applebees Gift Certificate 2.7%
10 Bill Gates fortune 2.2%

Others 27.9%

"The ICE virus hoax has jumped on the coat-tails of a legitimate email campaign designed to encourage users to enter an ‘In Case of Emergency’ number into their mobile phones in the wake of the bombings in London. The hoax, however, tries to fool people into believing that following the advice opens them up to a possible mobile virus infection, which is complete poppycock," said Theriault. "Apart from that, the hoax chart sees little movement this month – with several of the same old faces cropping up. The Hotmail hoax holds the number one spot for the 13th month and has increased its domination by over ten percent."

Sophos has made available a free information feed for intranets and websites which means users can find out about viruses and hoaxes:
www.sophos.com/virusinfo/infofeed/

For more information about safe computing, including anti-hoax policies, visit:

Related News

  • News Archive

    Saudi HD

    by msecadm4921

    King Abdulaziz International Airport (KAIA), Saudi Arabia’s third largest airport, has deployed the Avigilon HD Surveillance System in 13 parking lots, its…

  • News Archive

    ACS Regional Events

    by msecadm4921

    The Security Industry Authority (SIA) has sent out invitations for the next round of Approved Contractor Scheme forums, in April. The six…

  • News Archive

    Digital Interviewing

    by msecadm4921

    Fredrik Østereng from Indico Systems talks about a new tool for Loss Prevention (LP) officers that can speed up the theft investigation…

Newsletter

Subscribe to our weekly newsletter to stay on top of security news and events.

© 2024 Professional Security Magazine. All rights reserved.

Website by MSEC Marketing