Top ten viruses and hoaxes reported to Sophos in November 2002

December 02, 2002 Sophos Press Release

Lynnfield, MA - Sophos, a world leader in corporate anti-virus solutions, announced the latest in a series of monthly charts counting down the ten most frequently occurring viruses and hoaxes as compiled by the company.

For November 2002, the virus chart is as follows, with the most frequently occurring virus at number one:

Position Last
month
Malware Percentage of reports
11W32/Bugbear-A
   29.4%
2NewW32/Braid-A
   8.5%
32W32/Klez-H
   7.7%
43W32/Opaserv-A
   5.4%
56=W32/Opaserv-C
   5.1%
6Re-entryW32/Flcss
   4.6%
7Re-entryW95/Spaces
   3.3%
8NewW32/Opaserv-F
   2.5%
910W32/Opaserv-B
   2.1%
106=W32/Opaserv-D
   2.0%
Others29.4%

"Bugbear dominates the chart for the second month as it continues to outsmart users with its dual mode of attack - this worm can spread via email and network shares," said Chris Wraight, technology consultant at Sophos, Inc. "It's important that all users ensure they are protected against Bugbear because it implants code that can log victims' keystrokes. This means hackers have a perfect view of everything you type - this could include passwords, bank account details and credit card numbers."

Also making a big impact this month was the new Braid worm. This is an email aware worm with an attachment. However, if the recipient's system is left unpatched against a Microsoft vulnerability, the virus can run automatically, as soon as the offending email is opened. Alongside keeping anti-virus protection up-to-date, Sophos reminds users to patch against all known vulnerabilities and be suspicious of all unsolicited emails.

The FunLove worm and Spaces virus make chart comebacks even though protection against these threats was issued back in 1999.

Sophos detected 817 new viruses, worms and Trojan horses in November, the total number it now protects against is 78,381.

The top ten hoaxes reported to Sophos during November 2002 are as follows:

"All too often, users receiving email warnings of viruses circulate them to all their contacts in the mistaken belief they are doing good. In reality, these actions cause uncertainty, waste bandwidth, clog up email servers and spread misinformation," continued Wraight. "Instead, businesses should instruct all employees to send all such emails to a single, nominated person who is responsible for checking out whether the threat is real or fake."

Sophos has made available a free, constantly updated information feed for intranets and websites which means users can always find out about the latest viruses and hoaxes.

Graphics of the virus top ten chart are available here.

More information about safe computing, including anti-hoax policies.

Position Hoax Percentage of reports
1JDBGMGR

 22.0%
2Budweiser frogs screensaver

 11.5%
3Meninas da Playboy

 7.9%
4Hotmail hoax

 5.5%
5A virtual card for you

 5.0%
6Bonsai kitten

 3.5%
7Mobile phone hoax

 3.2%
8Frog in a blender/Fish in a bowl

 2.8%
9Bill Gates fortune

 2.5%
10WTC Survivor

 2.1%
Others33.9%