Press Releases

Browse our press release archive

06 Dec 2005

New threats increase by 48% in 2005 as cybercriminals turn to targeted attacks

Sophos annual security report names Zafi-D as year's worst malware

Sophos Security Threat Management Report 2005

Sophos, a world leader in protecting businesses against viruses, spyware and spam, has revealed the top ten malware threats of 2005, in a new in-depth report into the year's most pressing security issues.

In a year that has seen the number of new threats rise by a staggering 48%, the lingering W32/Zafi-D worm has taken the number one spot in the virus chart, while last year's hardest hitting virus, W32/Netsky-P, has dropped to second place.

In contrast, W32/Sober-Z - only unleashed in November 2005 - has already climbed to third position as it continues to disrupt and clog networks worldwide.

The 'Sophos Security Threat Management Report 2005' - which can be downloaded here - was compiled by the experts at SophosLabs™, and reveals that on average, one in every 44 emails was viral during 2005. This rose to one in twelve during major outbreaks, while 15,907 new malware threats were identified.

The top ten viruses of the year, reported at Sophos's global network of monitoring stations, are as follows:

PositionMalwarePercentage of reports
1 W32/Zafi-D
   16.7%
2 W32/Netsky-P
   15.7%
3 W32/Sober-Z
   6.0%
4 W32/Sober-N
   4.3%
5 W32/Zafi-B
   4.0%
6 W32/Mytob-BE
   3.9%
7 W32/Mytob-AS
   3.8%
8 W32/Netsky-D
   3.0%
9 W32/Mytob-GH
   1.9%
10 W32/Mytob-EP
   1.8%
Others 38.9%

"Don't let the figures fool you - old-timers may head up the top ten, but the enormous rise in the number of new threats shows that 2005 has been anything but quiet on the malware front," said Graham Cluley, senior technology consultant at Sophos. "This huge increase stems from the escalating interest in authoring Trojans, worms and viruses shown by criminal gangs intent on making a profit. By focusing their efforts on a smaller number of victims, cybercriminals can target them with bespoke malware, increasing their chances of slipping under the security net."

Interestingly, while all of the top ten threats are Windows-based worms, the number of Trojan horses written during 2005 outweighs worms by almost 2:1. In addition, the percentage of malware that includes spyware components rose from 54.2% in January to 66.4% by the end of the year. These figures reinforce the notion that malware authors are engaging in targeted attacks, rather than widespread bombardment, and also help explain a rise in the amount of spam spewed out by zombie computers - now accounting for over 60% of the world's spam.

"Unlike viruses or worms, Trojans cannot replicate on their own, meaning that they must be deliberately emailed or planted on websites in order to spread. It's more and more common for new Trojans to become widespread after being spammed en masse from zombie computers," added Cluley. "It's no surprise that most of the top ten threats allow hackers to gain access to an infected PC, enabling them to create a zombie, steal information, and dish out their malware from under the nose of unsuspecting users."

The Sophos report reveals that unprotected computers have a 40% chance of being infected by an internet worm within ten minutes, turning them into a zombie under a remote hacker's control.

The report also identifies which countries around the world have been responsible for relaying the most spam during 2005, and that pornographic spam and messages attempting "pump-and-dump" stock scams have surged.

Download "Sophos Security Threat Management Report 2005" Download the report

Sophos has made available free virus and security news RSS feeds, ensuring that internet users are always up-to-the-second with news about the latest viruses and security threats.

More information about safe computing. 

About Sophos

More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing complete security solutions that are simple to deploy, manage, and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, mobile and network security solutions backed by SophosLabs - a global network of threat intelligence centers.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.