Computer Crime Research Center


Targeted cybercrime, threats increase by 48% in 2005

Date: February 07, 2006
Source: Sophos

Sophos, a world leader in protecting businesses against viruses, spyware and spam, has revealed the top ten malware threats of 2005, in a new in-depth report into the year's most pressing security issues.

In a year that has seen the number of new threats rise by a staggering 48%, the lingering W32/Zafi-D worm has taken the number one spot in the virus chart, while last year's hardest hitting virus, W32/Netsky-P, has dropped to second place.

In contrast, W32/Sober-Z - only unleashed in November 2005 - has already climbed to third position as it continues to disrupt and clog networks worldwide.

The 'Sophos Security Threat Management Report 2005' - which can be downloaded here - was compiled by the experts at SophosLabs™, and reveals that on average, one in every 44 emails was viral during 2005. This rose to one in twelve during major outbreaks, while 15,907 new malware threats were identified.

The top ten viruses of the year, reported at Sophos's global network of monitoring stations, are as follows: W32/Zafi-D (16.7%), W32/Netsky-P (15.7%), W32/Sober-Z (6.0%), W32/Sober-N (4.3%), W32/Zafi-B (4.0%), W32/Mytob-BE (3.9%), W32/Mytob-AS (3.8%), W32/Netsky-D (3.0%), W32/Mytob-GH (1.9%), W32/Mytob-EP (1.8%) and others (38.9%).

"Don't let the figures fool you - old-timers may head up the top ten, but the enormous rise in the number of new threats shows that 2005 has been anything but quiet on the malware front," said Graham Cluley, senior technology consultant at Sophos. "This huge increase stems from the escalating interest in authoring Trojans, worms and viruses shown by criminal gangs intent on making a profit. By focusing their efforts on a smaller number of victims, cybercriminals can target them with bespoke malware, increasing their chances of slipping under the security net."

Interestingly, while all of the top ten threats are Windows-based worms, the number of Trojan horses written during 2005 outweighs worms by almost 2:1. In addition, the percentage of malware that includes spyware components rose from 54.2% in January to 66.4% by the end of the year. These figures reinforce the notion that malware authors are engaging in targeted attacks, rather than widespread bombardment, and also help explain a rise in the amount of spam spewed out by zombie computers - now accounting for over 60% of the world's spam.

"Unlike viruses or worms, Trojans cannot replicate on their own, meaning that they must be deliberately emailed or planted on websites in order to spread. It's more and more common for new Trojans to become widespread after being spammed en masse from zombie computers," added Cluley. "It's no surprise that most of the top ten threats allow hackers to gain access to an infected PC, enabling them to create a zombie, steal information, and dish out their malware from under the nose of unsuspecting users."

The Sophos report reveals that unprotected computers have a 40% chance of being infected by an internet worm within ten minutes, turning them into a zombie under a remote hacker's control.

The report also identifies which countries around the world have been responsible for relaying the most spam during 2005, and that pornographic spam and messages attempting "pump-and-dump" stock scams have surged.
Add comment  Email to a Friend

Copyright © 2001-2024 Computer Crime Research Center
CCRC logo