Sophos: top ten viruses in December 2005
Date: January 05, 2006Source: Sophos
Sophos, a world leader in protecting businesses against viruses, spyware and spam, has revealed the top ten viruses and hoaxes causing problems for businesses around the world during the month of December 2005.
The report, compiled from Sophos's global network of monitoring stations, reveals that Sober-Z has taken the world by storm this month, accounting for a massive 78.92% of all malware reported to Sophos. Its domination of the charts is making other current threats pale in comparison, and the Sober threat shows no sign of slowing down.
The top ten viruses in December were as follows:
Position Last month Virus Percentage of reports
1 1 W32/Sober-Z 78.9%
2 7 W32/Zafi-B 3.3%
3 2 W32/Netsky-P 2.3%
4 4 W32/Mytob-EX 1.4%
5 New W32/Mytob-FO 1.2%
6 6 W32/Mytob-BE 0.7%
7 = W32/Zafi-D 0.6%
7 = W32/Mytob-GH 0.6%
9 = W32/Mytob-C 0.5%
9 = W32/Mytob-FM 0.5%
Others 9.5%
The highly prolific Sober-Z worm sends itself as an email attachment and attempts to turn off security software on the user's computer. The author of this worm has been operating anonymously for more than two years, and this latest threat is the cyber criminal's most widespread virus yet.
"A key differentiator of the Sober worms is their ability to dupe users. From promising World Cup football tickets, to posing as the FBI or long-lost pal, it seems the Sober family will stop at nothing to ensure that recipients launch the viral email attachment," said Carole Theriault, senior security consultant at Sophos. "The Sober-Z worm stormed to the top of the November 2005 chart and continued to hold the number one spot throughout December. Should the author go ahead and upload malware onto websites for infected machines to grab and run, as anticipated, the worm may disrupt businesses even further."
Ironically Sober-Z, which can disguise itself as a message from investigators at the FBI, CIA or Germany's Federal Crime Office (BKA), led to the arrest of a child porn offender this month. The 20-year-old German man believed the contents of the infected email, which informed him that he was being investigated by the BKA for visiting illegal websites, and subsequently turned himself into the police.
"Rarely does a virus actually benefit society, but few people would discourage the German police from investigating this guy," continued Theriault. "However, it is an inadvertent victory for justice - the Sober virus writer has been causing havoc for computer users around the world for several years. The good news is that this persistent worm is easy to combat if home users and businesses have effective up-to-date anti-virus and anti-spam protection in place, and if they follow safe computing practices."
The rest of the chart has remained fairly static during December. Zafi-B is the only climber, creeping up from seventh to second position. However Sober-Z's dominance has ensured that this worm still only accounts for 3.3% of malware reported to Sophos in the last month of 2005. Elsewhere in the chart, Netsky-P is still hanging on, but has dropped to third position, and several Mytob variants continue to plague businesses and users, including two new entries, Mytob-FO and Mytob-FM.
Original article
Add comment
Email to a Friend
