Top Ten Viruses Most Frequently Detected by Panda ActiveScan in May
May started with a widespread epidemic caused by the Sasser worms. These malicious code exploit a vulnerability in Windows operating systems known as LSASS and as a result, many computers were infected in minutes. However, data gathered by the free, online scanner, Panda ActiveScan, shows that none of the Sasser variants have been able to take first place in the Top Ten viruses most frequently detected in May. Last month, Netsky.P held on to the top spot, causing 10 percent of infections.
Second in this ranking is Briss.A a Trojan that emerged at the beginning of May. Even though it is not designed to spread through its own means, it seems to have been widely circulated by malicious users via e-mail, Internet downloads, etc.
Although the presumed author of the Sasser and Netsky worm was identified and arrested on May 7, his creations continued to wreak havoc on users’ computer throughout the month. This is demonstrated by the fact third and fourth in the ranking are Sasser.ftp (a generic detection routine for the script created by the Sasser worms to download themselves to computers via FTP) and Sasser.B. The top half of last month’s Top Ten is completed with Netsky.D.
Another worm programmed to exploit a software vulnerability, Nachi.B, comes in sixth. This malicious code is followed by the Trojans, Downloader.L -which has appeared in the list of viruses most frequently detected over the last few months- and Revop.F, designed to download other malicious programs to the computer.
The last two positions in the Top Ten are taken by the B and Z variants of the Netsky worm.
Virus % frequency
W32/Netsky.P.worm 10
Trj/Briss.A 8.45
W32/Sasser.ftp 5.94
W32/Sasser.B.worm 5.2
W32/Netsky.D.worm 5.05
W32/Nachi.B.worm 4.6
Trj/Downloader.L 4.36
Trj/Revop.F 4.22
W32/Netsky.B.worm 10
W32/Netsky.Z.worm 8.45
The following conclusions can be drawn from the data collected by the free, online scanner, Panda ActiveScan last month:
– Software vulnerabilities continue to prove to be one the most effective means of spreading computer viruses. Both Netsky.P and the Sasser worms -which occupy four of the first five places in the ranking- use this method. This suggests that users need to be kept informed about the vulnerabilities detected in the software installed on their computers and to install the patches released to fix them.
– Three of the most frequently detected viruses in May are Trojans, marking an increase in the impact of this type of malicious code. Users should take note of this trend, given the different actions that Trojans can carry out on the computers on which they are installed, such as stealing confidential data that can then be used to commit fraud.