Top ten viruses and hoaxes reported to Sophos in March 2005

March 31, 2005 Sophos Press Release

Sophos, a world leader in protecting businesses against spam and viruses, has published a report revealing the top ten viruses and hoaxes causing problems for businesses around the world during the month of March 2005.

The report, compiled from Sophos's global network of monitoring stations, shows that Zafi-D, which first appeared at the end of 2004, is the most commonly encountered virus for the fourth consecutive month, accounting for 45.1% of all reports. The whole chart is dominated by old viruses, with only one of the top ten, Sober-K, having first appeared in 2005.

The top ten viruses in March 2005 were as follows:

Position Last
month
Malware Percentage of reports
11W32/Zafi-D
   45.1%
22W32/Netsky-P
   21.0%
33W32/Zafi-B
   5.9%
47W32/Sober-K
   5.8%
55W32/Netsky-D
   4.3%
66W32/Netsky-Z
   2.7%
79W32/Netsky-B
   2.3%
810W32/MyDoom-O
   1.3%
9Re-entryW32/Netsky-C
   1.1%
10Re-entryW32/Netsky-Q
   1.0%
Others9.5%

"March's virus chart is dominated by old timers such as Zafi-D and several versions of the Netsky worms - indeed, only one of the top ten first appeared in 2005. Poorly protected computers are the only reason these old viruses continue to wreak havoc," said Carole Theriault, security consultant at Sophos. "Some of these established threats are so widespread, they are preventing more recent viruses from breaking into the top ten. But users shouldn't be fooled into a false sense of security - with more than a thousand brand new threats detected in March alone, new viruses are being created every day. User education, up-to-date virus protection, and a cautious approach to opening unknown attachments is the best way to render viruses powerless."

Sophos analysed and protected against 1,225 new viruses in March. The total number of viruses Sophos now protects against is 102,123. Sophos research shows that 2.62%, or one in 38 emails, circulating during the month of March were viral. This figure is significantly lower than last month when 1 in 28 emails were viral.

In order to minimise exposure to viruses, Sophos recommends that companies deploy a policy at their email gateway which blocks unwanted executable attachments from being sent into their organisation from the outside world. Companies should also run up-to-date anti-virus software, firewalls and install the latest security patches.

The top ten hoaxes reported to Sophos during March 2005 are as follows:

Position Hoax Percentage of reports
1Hotmail hoax
   44.3%
2Meninas da Playboy
   7.9%
3Bonsai kitten
   5.4%
4A virtual card for you
   4.6%
5Jamie Bulger
   3.8%
6Budweiser frogs screensaver
   2.3%
7Applebees Gift Certificate
   2.2%
8Bill Gates fortune
   2.1%
9Bogus US Bank email
   1.3%
10Unidentified tsunami boy
   1.2%
Others24.9%

"The Hotmail hoax continues to be the most prevalent bogus email, accounting for almost half of March's hoax reports. Meanwhile, reports of the tsunami-related chain letters have fallen drastically," continued Theriault. "Users who forward these chain emails to their colleagues, friends and families are needlessly clogging up email servers and inboxes. Employers can put a halt to this by introducing best practice email policies which ensure users delete rather than forward all unsolicited messages."

Sophos has made available a free, constantly updated information feed for intranets and websites which means users can always find out about the latest viruses and hoaxes.

Graphics of the above top ten virus chart are available here.

More information about safe computing, including anti-hoax policies.