Top ten viruses and hoaxes reported to Sophos in June 2005

July 01, 2005 Sophos Press Release

Sophos, a world leader in protecting businesses against spam and viruses, has published a report revealing the top ten viruses and hoaxes causing problems for businesses around the world during the month of June 2005.

The report, compiled from Sophos's global network of monitoring stations, reveals that the family of Mytob variants have exploded into the chart, holding seven of the top ten positions and accounting for over 40% of the top ten threats reported to Sophos.

The top ten viruses in June 2005 were as follows:

Position Last
month
Malware Percentage of reports
1NewW32/Mytob-BE
   12.6%
23W32/Netsky-P
   12.5%
3NewW32/Mytob-AS
   9.8%
4NewW32/Mytob-EP
   6.4%
5NewW32/Mytob-CM
   4.0%
6NewW32/Mytob-CN
   3.4%
7NewW32/Mytob-AT
   3.2%
82W32/Zafi-D
   3.1%
94W32/Netsky-D
   3.0%
10NewW32/Mytob-CJ
   2.9%
Others39.1%

"It seems that the more established virus families, such as Netsky and Zafi, are meeting their match," said Carole Theriault, security consultant at Sophos. "The Mytob-BE worm, in lead position this month, spreads via email and opens a backdoor on the infected computer, allowing unauthorised and remote users to access the PC's contents. It also attempts to block access to computer security websites, making it more difficult for the user to get information on disinfection."

"Considering the plethora of Mytob worms, it seems the authors seem intent on cracking the formula for a worm than can both bypass security measures and collate information," continued Theriault. "There is a lot of talk in the industry about mass-mailing worms dying off, but we are seeing no evidence of this. Although virus writers are looking at other routes into an organisation, such as the internet, they have certainly not given up on taking advantage of people opening unsolicited email attachments."

Sophos identified and protected against 1,434 new viruses in June. The total number of viruses Sophos now protects against is 106,218. Its research shows that 2.3%, or one in 43 emails, circulating during the month of June were viral - a decrease on the previous month.

In order to minimise exposure to viruses, Sophos recommends that companies deploy a policy at their email gateway which blocks unwanted executable attachments from being sent into their organisation from the outside world. Companies should also run up-to-date anti-virus software, firewalls and install the latest security patches.

The top ten hoaxes reported to Sophos during June 2005 were as follows:

Position Hoax Percentage of reports
1Hotmail hoax
   20.9%
2Bonsai kitten
   10.8%
3Meninas da Playboy
   10.0%
4Jamie Bulger
   6.5%
5WTC Survivor
   5.2%
6Budweiser frogs screensaver
   3.6%
7A virtual card for you
   3.5%
8Bill Gates fortune
   3.2%
9Applebees Gift Certificate
   2.9%
10Press 9
   1.0%
Others32.4%

"The Hotmail hoax continues to be the most prevalent, increasing this month to more than 20% of all reported hoaxes, " continued Theriault. "The best advice for hoaxes hasn't changed: avoid forwarding or responding to unsolicited emails. Instead, simply delete them to save your business's bandwidth from being gobbled up by this drivel."

Sophos has made available a free, constantly updated information feed for intranets and websites which means users can always find out about the latest viruses and hoaxes.

Graphics of the above top ten virus chart are available here.

More information about safe computing, including anti-hoax policies.