Top ten viruses and hoaxes reported to Sophos in November 2003

November 28, 2003 Sophos Press Release

Mimail takes five chart places, but Sober-A hits hardest

Sophos, a world leader in protecting businesses against spam and viruses, has revealed the top ten viruses and hoaxes causing problems for businesses around the world.

The report, which examines virus and hoax reports in the month of November 2003, shows that a new email aware worm stormed to the top of the charts, whilst an existing hoax had a new burst of life.

The top ten viruses in November 2003 were as follows:

Position Last
month
Malware Percentage of reports
1NewW32/Sober-A
   32.6%
2=NewW32/Mimail-C
   9.5%
2=NewW32/Mimail-F
   9.5%
42W32/Dumaru-A
   8.0%
53W32/Mimail-A
   5.1%
65W32/Gibe-F
   4.5%
76W32/Nachi-A
   2.6%
8NewW32/Mimail-J
   2.4%
95W32/Klez-H
   2.2%
10NewW32/Mimail-E
   1.5%
Others22.1%

"Although Mimail attempted to hijack the chart with a total of five entries - totalling over a quarter of all reports - it is the bilingual Sober worm that has caused the most problems for computer users this month," said Graham Cluley, senior technology consultant at Sophos. "Sober-A sneakily disguises itself using a number of subject titles and messages, making it difficult to spot with the naked eye. It can even present itself in German if it thinks it is being examined on a German user's computer."

"The Mimail worms attempted a number of different tricks, including attempting to steal the credit card information from Paypal users," continued Cluley. "The virus writers and hackers are becoming more determined in their attempts to steal confidential information that could leave you out of pocket".

Sophos analysed and protected against 724 new viruses in November. The total number it now protects against is 86,081.

The top ten hoaxes reported to Sophos during November are as follows:

"A new version of the Hotmail hoax, promising users extra storage space if they forwarded an email to their friends, helped keep the hoax at the top of the list of hottest hoaxes," said Cluley.

"Creeping into the chart is the 'Do not push 90#' chain letter which is based on a genuine telephone scam from the early 1990s, and has caused people to be unnecessarily alarmed. If you receive a virus hoax, chain letter or email scam you should delete it immediately and resist any temptation to forward it on," continued Cluley. "Remember that passing the email on, and continuing the chain simply serves to spread confusion, annoy recipients and clog up bandwidth."

Sophos has made available a free, constantly updated information feed for intranets and websites which means users can always find out about the latest viruses and hoaxes.

Graphics of the virus top ten chart are available here.

More information about safe computing, including anti-hoax policies.

Position Hoax Percentage of reports
1Hotmail hoax

 31.3%
2Meninas da Playboy

 12.7%
3Bonsai kitten

 6.2%
4Budweiser frogs screensaver

 4.7%
5JDBGMGR

 4.0%
6A virtual card for you

 3.8%
7Bill Gates fortune

 3.0%
8Frog in a blender/Fish in a bowl

 2.9%
9WTC Survivor

 2.3%
10Do not push 90#

 1.8%
Others27.3%