Top ten viruses and hoaxes reported to Sophos in November 2002

November 29, 2002 Sophos Press Release

This is the latest in a series of monthly charts counting down the ten most frequently occurring viruses and hoaxes as compiled by Sophos, a world leader in corporate anti-virus protection.

For November 2002, the chart is as follows, with the most frequently occurring virus at number one:

Position Last
month
Malware Percentage of reports
11W32/Bugbear-A
   29.4%
2NewW32/Braid-A
   8.5%
32W32/Klez-H
   7.7%
43W32/Opaserv-A
   5.4%
56=W32/Opaserv-C
   5.1%
6Re-entryW32/Flcss
   4.6%
7Re-entryW95/Spaces
   3.3%
8NewW32/Opaserv-F
   2.5%
910W32/Opaserv-B
   2.1%
106=W32/Opaserv-D
   2.0%
Others29.4%

"Bugbear dominates the chart for the second month as it continues to out-fox users with its dual mode of attack - this worm can spread via email and network shares," said Graham Cluley, senior technology consultant, Sophos Anti-Virus. "It's important that all users ensure they are protected against Bugbear because it implants code that can log victims' keystrokes. This means hackers have a perfect view of everything you type - this could include passwords, bank account details and credit card numbers."

Also making a big impact this month was the new Braid worm. This is an email aware worm with an attachment. However, if the recipient's system is left unpatched against a Microsoft vulnerability, the virus can run automatically, as soon as the offending email is opened. Alongside keeping anti-virus protection up to date, Sophos reminds users to patch against all known vulnerabilities and be suspicious of all unsolicited emails.

The FunLove worm and Spaces virus make chart comebacks even though protection against these threats was issued back in 1999.

Sophos detected 817 new viruses, worms and Trojan horses in November, the total number it now protects against is 78,381.

The top ten hoaxes reported to Sophos during November 2002 are as follows:

"All too often, users receiving email warnings of viruses circulate them to all their contacts in the mistaken belief they are doing good. In reality, these actions cause uncertainty, waste bandwidth, clog up email servers and spread disinformation," continued Cluley. "Instead, businesses should instruct all employees to send all such emails to a single, nominated person who is responsible for checking out whether the threat is real or fake."

Sophos has made available a free, constantly updated information feed for intranets and websites which means users can always find out about the latest viruses and hoaxes.

Graphics of the virus top ten chart are available here.

More information about safe computing, including anti-hoax policies.

Position Hoax Percentage of reports
1JDBGMGR

 22.0%
2Budweiser frogs screensaver

 11.5%
3Meninas da Playboy

 7.9%
4Hotmail hoax

 5.5%
5A virtual card for you

 5.0%
6Bonsai kitten

 3.5%
7Mobile phone hoax

 3.2%
8Frog in a blender/Fish in a bowl

 2.8%
9Bill Gates fortune

 2.5%
10WTC Survivor

 2.1%
Others33.9%