Mytobs continue to plague computer users, Sophos comments

June 15, 2005 Sophos Press Release

Experts at SophosLabs™, Sophos's global network of virus and spam analysis centers, report that the malicious family of Mytobs continues to grow. New variants are being pushed out by the virus writers, using a variety of tactics to try and infect computers around the world.

In the last 24 hours, the Mytob family have accounted for 58% of all reports to Sophos with 14 Mytob variants in the top 20 threats currently infecting computers.

The most widespread variant of the family, Mytob-AS, was first seen and protected against on Friday, 10 June and is responsible for 15% of the reports. Mytob-AS is not only spread via email, it also scans the internet for computers who haven't patched against a variety of Microsoft security loopholes, such as the LSASS (MS04-011) vulnerability.

"Patching against operating system vulnerabilities has never been more important," said Carole Theriault, security consultant at Sophos. "With a growing number of threats designed to steal sensitive and confidential information, computer users want to ensure that their barriers are up and ready to thwart these beasties."

The Mytob worms turn off security programs on infected Windows computers and deny access to many popular security websites. They also attempt to open a backdoor onto the computer, allowing unauthorised remote hackers to gain access.

"There is nothing to suggest that the slew of Mytobs are tailing off just yet," continued Theriault.