Sophos, a world leader in protecting businesses against viruses,
spyware and spam, has revealed the top ten viruses and hoaxes
causing problems for businesses around the world during the month
of December 2005.
The report, compiled from Sophos's global network of monitoring
stations, reveals that Sober-Z has taken the
world by storm this month, accounting for a massive 78.92% of all
malware reported to Sophos. Its domination of the charts is making
other current threats pale in comparison, and the Sober threat
shows no sign of slowing down.
The top ten viruses in December were as follows:
The highly prolific Sober-Z worm sends itself as an email
attachment and attempts to turn off security software on the user's
computer. The author of this worm has been operating anonymously
for more than two years, and this latest threat is the cyber
criminal's most widespread virus yet.
"A key differentiator of the Sober worms is their ability to
dupe users. From promising World Cup
football tickets, to posing as the FBI or long-lost pal, it
seems the Sober family will stop at nothing to ensure that
recipients launch the viral email attachment," said Carole Theriault, senior
security consultant at Sophos. "The Sober-Z worm stormed to the top
of the November 2005 chart and continued to hold the number one
spot throughout December. Should the author go ahead and upload
malware onto websites for infected machines to grab and run, as
anticipated, the worm may disrupt businesses even further."
Ironically Sober-Z, which can disguise itself as a message from
investigators at the FBI, CIA or Germany's Federal Crime Office
(BKA), led to the arrest of a
child porn offender this month. The 20-year-old German man
believed the contents of the infected email, which informed him
that he was being investigated by the BKA for visiting illegal
websites, and subsequently turned himself into the police.
"Rarely does a virus actually benefit society, but few people
would discourage the German police from investigating this guy,"
continued Theriault. "However, it is an inadvertent victory for
justice - the Sober virus writer has been causing havoc for
computer users around the world for several years. The good news is
that this persistent worm is easy to combat if home users and
businesses have effective up-to-date anti-virus and anti-spam
protection in place, and if they follow safe computing
practices."
The rest of the chart has remained fairly static during
December. Zafi-B is the only climber, creeping up from seventh to
second position. However Sober-Z's dominance has ensured that this
worm still only accounts for 3.3% of malware reported to Sophos in
the last month of 2005. Elsewhere in the chart, Netsky-P is still
hanging on, but has dropped to third position, and several Mytob
variants continue to plague businesses and users, including two new
entries, Mytob-FO and Mytob-FM.
Sophos's research shows a significant rise in the number of
infected emails. In December, 6.1%, or one in 16 emails was viral.
Sophos now identifies and protects against a total of 115,748
viruses, an increase of 1,666 on last month.
In order to minimise exposure to viruses, Sophos recommends that
companies deploy a policy at their email gateway which blocks
unwanted executable attachments from being sent into their
organisation from the outside world. Companies should also run
up-to-date anti-virus software, firewalls and install the latest
security patches.
The top ten hoaxes reported to Sophos during December 2005 were
as follows:
"There are two re-entries fooling users this month," said
Theriault. "The Elf Bowling hoax, which has made a festive
re-appearance, warns users that the game is infected with a virus
and should be deleted immediately upon receipt. This hoax is
essentially harmless, but serves as a reminder to companies that
they should explain to employees the danger of distributing
executable files. The game, while not a malicious threat, can
divert employees from doing real work."
Sophos has made available a free, constantly updated information feed which means users can always find
out about the latest viruses and hoaxes.
Graphics of the above top ten virus chart are also available.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.