Sophos Top Ten Viruses And Hoaxes In September 2005
Sophos, a world leader in protecting businesses against viruses, spyware and spam, has revealed the top ten viruses and hoaxes causing problems for businesses around the world during the month of September 2005.
The report, compiled from Sophos’s global network of monitoring stations, reveals that Netsky-P, the worm written by convicted German teenager Sven Jaschan, continues to head up the top ten, nineteen months after it was first detected. Sophos reports that the average age of the top ten viruses is eight months, demonstrating that a large number of users are still being complacent about installing and updating their virus protection.
The top ten viruses in September were as follows:
1. W32/Netsky-P 18.6%
2. W32/Mytob-BE 7.6%
3. W32/Mytob-AS 6.8%
4. W32/Zafi-D 4.3%
5. W32/Netsky-D 3.3%
6. W32/Mytob-CX 2.8%
7. W32/Mytob-EP 2.7%
8. W32/Mytob-CJ 2.6%
9. W32/Mytob-C 2.5%
10. W32/Mytob-CN 2.0% re-entry
Others 46.8%
At the top of the chart, Netsky-P has risen in prevalence for the second consecutive month, from 14.7% to 18.6% – there has also been an increase in reports of other old-timers Zafi-D and Netsky-D. With a growing number of targeted threats being written for financial gain, Sophos is seeing a drop in mass-mailed attacks, allowing for the more established email viruses to maintain their prominent position in the top ten. Sophos first issued protection against Netsky-P on March 22, 2004. Variants of the Mytob worm, which was first identified in March 2005, continue to account for around half of all viruses reported in September.
“Netsky-P’s continued dominance raises serious questions about the level of security currently deployed by some PC users,” said Carole Theriault, senior security consultant at Sophos. “Businesses and home users alike have had nineteen months to update their software, but an alarming number still obviously haven’t got round to it. There’s no doubt that greater education is needed to alert users about the severe security risks posed by such lax behaviour.”
The Netsky-P worm spreads via email and internet file-sharing systems, and has to tempt PC users into launching an infected file. The news that individuals are continuing to fall for this trick and downloading infected files, coincides with a recent Sophos survey, which revealed that 79% of IT professionals believe employees are putting their organisations at risk by failing to act safely online.
“Not only must firms ensure that they keep their virus, spyware and spam protection updated, but IT managers have to start enforcing strict security policies to ensure employees don’t jeopardise that protection through reckless online behaviour,” added Theriault. “Smaller, targeted attacks are on the increase, with the emergence of a new breed of financially-motivated online criminal. The concern is that if users continue to combine unsafe computing practices with outdated threat protection, they’ll be a soft target for this new form of attack.”
On a positive note, there has been a further drop in the number of infected emails – the fifth in successive months. Sophos’s research shows that 1.53%, or one in 65 emails, circulating in September were viral, while Sophos identified and protected against 1,233 new viruses during the month. The total number of viruses Sophos now protects against is 110,457.
In order to minimise exposure to viruses, Sophos recommends that companies deploy a policy at their email gateway which blocks unwanted executable attachments from being sent into their organisation from the outside world. Companies should also run up-to-date anti-virus software, firewalls and install the latest security patches.
The top ten hoaxes reported to Sophos during September 2005 were as follows:
1. Hotmail hoax 16.0% 15th month at number one
2. Meninas da Playboy 11.3%
3. WTC Survivor 9.5%
4. Bonsai kitten 8.8%
5. Budweiser frogs screensaver 8.3%
6. A virtual card for you 5.8%
7. Bill Gates fortune 3.7%
8. Jamie Bulger 3.0%
9. ICE virus hoax 1.6%
10. HIV Needles 1.0% new entry
Others 31.0%
“While it’s another month at the top for the Hotmail hoax, it’s encouraging to see that the ICE virus hoax has fallen by five percent in the last month, as life in London continues to return to normal following the July terrorist attacks,” said Theriault.