The top ten malware threats and hoaxes causing problems for businesses around the world during the month of April 2006, from anti-virus software firm Sophos.
The report, compiled from Sophos’s monitoring stations, suggests that Netsky-P, which recently celebrated its second birthday, has returned to the top of the virus chart, replacing Zafi-B, which Sophos first protected against 22 months ago. However as a proportion of all malware, email viruses and worms continue to decline – 86pc of the threats reported to Sophos during April were Trojan horses, used by hackers to download malicious code, spy on users, steal information or gain unauthorised access to computers.
The top ten viruses in April 2006 were as follows:
1. Netsky-P 18.5%
2. Zafi-B 16.9%
3. Nyxem-D 8.5%
=4. MyDoom-AJ 3.9%
=4. Netsky-D 3.9%
6. Mytob-FO 3.6%
7. Mytob-C 2.8%
8. Mytob-Z 2.6%
9. Dolebot-A 2.2%
10. Mytob-AS 1.3%
Others 35.8%
"While email worms occupy the top spots, it’s clear that Trojan horses represent by far the most prominent threat to IT security," said Carole Theriault, senior security consultant at Sophos. "Trojans are constantly being fine-tuned by hackers to catch out specific targets. As they are likely to be more difficult to identify, there’s a danger that more individuals will make the mistake of clicking on an unsolicited attachment or a dubious weblink."
In addition, the firm found that at least 28pc of threats reported during April allow an unauthorised third party to access the computer remotely – further evidence that hackers are now primarily motivated by financial or data theft rather than simply to cause disruption.
The fact that fewer mass-mailing worms are being created while cybercriminals are focusing their efforts on smaller, targeted attacks, has meant that long established threats continue to dominate the top ten. This proves that many computer users are still failing to update their protection and remove the risk of infection from these old nasties.
What they say
"It’s astonishing that Netsky-P is still going strong 25 months on, and users with insufficient malware protection must take the brunt of the blame for giving it this continued lease of life," added Theriault. "While greater education is helping bring some users up-to-speed on IT security threats, Netsky and Zafi continue to linger, and many may wonder if Microsoft will strike the killer blow to these worms when it releases its Windows Vista operating system in 2007."
Security has long been publicised as the major addition in the next instalment of Microsoft’s widely-used Windows operating system, however details are still emerging as to how all-encompassing the new Vista security features will be, or the potential impact on malware designed for older versions of Windows.
"It’s important to remember that as older threats are vanquished, others will undoubtedly take their place," said Theriault. "Mass-mailing worms may be in decline, but it’s highly unlikely that they will disappear entirely – the introduction of a major new operating system may even spark a new wave of threats, as virus writers try to find holes in the product."
Elsewhere in the virus chart, there are re-entries for two Mytob variants, Mytob-C and Mytob-AS, while another email worm, Dolebot-A, enters the chart for the first time in ninth position, accounting for 2.2pc of all viruses reported. Sophos’s research shows that 0.7pc or one in 141 emails is viral. The company now identifies and protects against a total of 120,042 email threats, an increase of 850 on last month.
The top ten hoaxes and chain letters in April 2006 were as follows:
1. Hotmail hoax 13.5%
2. Music Top 50 11.2%
3. Olympic torch 9.0%
4. Meninas da Playboy 6.3%
5. Bonsai Kitten 5.2%
6. MSN is closing down 4.9%
7. Justice for Jamie 4.4%
8. Budweiser frogs screensaver 3.2%
9. Bill Gates fortune 3.0%
10. Paying for MSN 2.0%
Others 37.3%
"It’s a return to the top of the charts for the Hotmail hoax this month, while the Dutch language Music Top 50 chain letter has grown in prevalence, clogging bandwidth and wasting computer users’ time," said Theriault. "The chain letter purports to be from a new television programme, and falsely promises a free Discman for recipients that forward on the email to others. Given that we’re now firmly in the age of the iPod, it’s surprising that such outdated hoaxes continue to fool people – our advice is if an offer sounds too good to be true, it probably isn’t the real deal."
For more information about safe computing, including anti-hoax policies, please visit:
