Computer Crime Research Center


Top ten viruses and hoaxes reported to Sophos in August 2005

Date: September 07, 2005
Source: Sophos

Netsky stays top as Zotob fails to make impact

Sophos, a world leader in protecting businesses against viruses, spyware and spam, has revealed the top ten viruses and hoaxes causing problems for businesses around the world during the month of August 2005.

The report, compiled from Sophos's global network of monitoring stations reveals that Netsky-P, the worm written by the convicted German teenager, Sven Jaschan, has yet again retained its position at the top of the charts this month. The recent Zotob worms are notable by their absence in the chart despite having received a great deal of press attention for successfully infecting several high profile media organisations.

The top ten viruses in August were as follows:

Posi- Last Virus Percentage
tion month of reports
1 1 W32/Netsky-P 14.7%
2 2 W32/Mytob-AS 7.9%
3 3 W32/Mytob-BE 7.2%
4 5 W32/Zafi-D 3.6%
5 Re-entryW32/Zafi-B 2.9%
6 New W32/Mytob-C 2.8%
7 4 W32/Mytob-EP 2.8%
8 6 W32/Mytob-CX 2.7%
9 7 W32/Netsky-D 2.5%
10 8 W32/Mytob-CJ 2.4%
Others 49.5%

The prevalence of the Netsky-P worm rose slightly in August, from 13.9% to 14.7%, but variants of the Mytob worm remain the dominant threat to computer users, accounting for 54% of all viruses reported to Sophos in August. In addition, research now suggests that the Zotob group of viruses is also directly linked to Mytob.

"Mytob and Zotob may spread in different ways, but the source code is very similar," said Carole Theriault, security consultant at Sophos. "Moreover, the Zotob author's nickname, Diabl0, appears in more than twenty of the Mytob variants, suggesting that they may have been created by the same person. One thing is for sure - Mytob is still causing chaos in organisations that haven't updated their virus protection and patched software vulnerabilities."

The threats listed in the August virus chart have had a much smaller impact and claimed fewer victims than the previous months. Sophos's research shows that 1.99%, or one in 50 emails, circulating during the month of August were viral - a significant drop when compared to the May results of one in 38 emails.

"Rather than being a sign that virus writers are giving up trying to infect computers, the reason for this decrease is most likely due to August being a favourite holiday time for many people," explained Theriault. "While people are enjoying a cocktail of sun, sea and sand, a large number of computers are switched off and therefore immune to infection".

In order to minimise exposure to viruses, Sophos recommends that companies deploy a policy at their email gateway which blocks unwanted executable attachments from being sent into their organisation from the outside world. Companies should also run up-to-date anti-virus software, firewalls and install the latest security patches.

Sophos identified and protected against 1,626 new viruses in August. The total number of viruses Sophos now protects against is 109,244.

The top ten hoaxes reported to Sophos during August 2005 were as follows:

Posi- Hoax Percentage of reports
1 Hotmail hoax 13.5%
2 Bonsai kitten 10.0%
3 Meninas da Playboy 9.8%
4 Budweiser frogs screensaver 8.8%
5 ICE virus hoax 6.9%
6 A virtual card for you 5.7%
7 WTC Survivor 4.7%
8 Jamie Bulger 3.8%
9 Mobile phone hoax 1.9%
10 Bill Gates fortune 1.8%
Others 33.1%

"Though the Hotmail hoax is now in its 14th month at the top of the chart, it has fallen in volume by 20% from July - though this may be explained by the reduction in user activity," added Theriault. "With London still recovering from last month's bombings, it is not surprising that the ICE virus hoax, which exploits a genuine 'In Case of Emergency' campaign, has risen several places in the chart."

Sophos has made available a free, constantly updated information feed for intranets and websites which means users can always find out about the latest viruses and hoaxes.

Graphics of the above top ten virus chart are available here.

More information about safe computing, including anti-hoax policies.

About Sophos

Sophos is a world leading computer security specialist, developing software against viruses, spyware, spam and policy abuse. Headquartered in the UK, the company produces solutions tailored for businesses of all sizes - from small enterprises to global corporations. Sophos is acclaimed for delivering the highest level of customer satisfaction and protection in the industry. The company's products are sold and supported in more than 150 countries and protect more than 35 million users.
Original article

Add comment  Email to a Friend

Copyright © 2001-2013 Computer Crime Research Center
CCRC logo