Top ten viruses and hoaxes reported to Sophos in December 2004

January 06, 2005 Sophos Press Release

Sophos, a world leader in protecting businesses against spam and viruses, has published a report revealing the top ten viruses and hoaxes causing problems for businesses around the world during the month of December 2004.

The report, compiled from Sophos's global network of monitoring stations, shows that a new worm called Zafi-D, which appeared in mid-December, has knocked Netsky-P - 2004's most prevalent threat - from the top position.

The top ten viruses in December 2004 were as follows:

Position Last
month
Malware Percentage of reports
1NewW32/Zafi-D
   36.8%
22W32/Sober-I
   20.7%
31W32/Netsky-P
   15.5%
43W32/Zafi-B
   8.6%
55W32/Netsky-D
   2.8%
66W32/Netsky-Z
   2.5%
77W32/Bagle-AA
   2.0%
88W32/Netsky-B
   1.7%
9NewW32/Netsky-AD
   1.2%
109W32/MyDoom-O
   1.0%
Others7.2%

"Zafi-D has stormed to the top of the chart, eclipsing dominant old timers Netsky-P and Zafi-B. Even though it was only discovered mid-month, Zafi-D caused major havoc during the festive season, accounting for more than a third of all virus reports in December," said Carole Theriault, security consultant at Sophos. "Zafi-D purports to be sending cheeky seasonal cheer - the body of the email contains an embedded lewd graphic involving two 'smiley' faces to fool users into thinking the infected attachment contains a joke. Such tricks have duped large numbers of users into opening the attachment and launching the malicious code."

"Only 24 hours after it was discovered, Zafi-D accounted for over 72% of all virus reports, and one in ten emails were infected by the worm. It is discouraging to see a virus gain so much track in so little time. A lot of damage could be avoided if users simply kept their anti-virus protection up-to-date," continued Theriault.

Sophos analysed and protected against 964 new viruses in December. The total number of viruses Sophos now protects against is 98,499. Sophos research shows that over 5.6%, or one in 18 emails, circulating during the month of December were viral. This figure is the same as last month's figure.

The top ten hoaxes reported to Sophos during December are as follows:

Position Hoax Percentage of reports
1Hotmail hoax
   32.6%
2Meninas da Playboy
   9.7%
3A virtual card for you
   7.8%
4Elf Bowling
   5.4%
5Yahoo instant message
   4.2%
6Applebees Gift Certificate
   3.5%
7Bonsai kitten
   3.1%
8Budweiser frogs screensaver
   2.3%
9Jamie Bulger
   2.0%
10Bill Gates fortune
   1.5%
Others27.9%

"The Christmas-themed Elf Bowling hoax has re-entered the chart this month, just in time for the holiday season. The hoax warns computer users to be wary of emails containing a game called Elfbowl.exe, which it claims to be a dangerous virus," continued Theriault. "Although there have been viruses disguised as games, this warning is totally fake. However, it is possible for the game to be infected by a virus in the future and be redistributed via email. In order to be kept up-to-date with the latest virus threats, users should rely on information found on the websites of reputable firms."

Sophos has made available a free, constantly updated information feed for intranets and websites which means users can always find out about the latest viruses and hoaxes.

Graphics of the above top ten virus chart are available here.

More information about safe computing, including anti-hoax policies.