Top ten malware threats and hoaxes reported to Sophos in May 2006

June 01, 2006 Sophos Press Release

Sophos, a world leader in protecting businesses against viruses, spyware and spam, has revealed the most prevalent malware threats and hoaxes causing problems for businesses around the world during May 2006.

The report, compiled from Sophos's global network of monitoring stations, reveals that the Netsky-P worm, first seen in March 2004, remains the most widespread piece of malware spreading via email. The family of Mytob worms are also causing multiple infections, with five variants appearing in the top ten.

Sophos identified 1,538 new threats in May, bringing the total of malware protected against to 122,634. The majority of the new threats (85.1%) were Trojan horses, while just 12.3% were worms or viruses.

The proportion of email which is virus infected has dropped considerably over the last year as hackers have turned from mass-mailing attacks to targeted Trojan horses. In May 2005, one in every 38 emails was infected, now this number is just one in 141.

The top ten list of malware in May 2006 reads as follows:

Position Last
month
Malware Percentage of reports
11W32/Netsky-P
   16.7%
22W32/Zafi-B
   11.4%
33W32/Nyxem-D
   7.5%
410W32/Mytob-AS
   6.3%
5NewW32/Mytob-P
   5.3%
5NewW32/Mytob-M
   5.3%
74W32/Netsky-D
   3.7%
8Re-entryW32/MyDoom-O
   3.6%
96W32/Mytob-FO
   2.9%
107W32/Mytob-C
   2.1%
Others 35.2%

"Netsky-P's strong position at the top of the chart shouldn't fool anyone into thinking that the malware problem is in the past. The threat environment is actually becoming much more sinister, as we see more targeted malware attacks use spyware technology to snoop upon individuals and businesses," said Carole Theriault, senior security consultant at Sophos. "Businesses need to think more holistically about their IT defences. Anti-virus protection at both the gateway and the desktop must be accompanied by firewalls, regular security patch upgrades and safe computing best practice."

The top ten hoaxes and chain letters in May 2006 were as follows:

Position Hoax Percentage of reports
1Olympic torch
   18.6%
2Hotmail hoax
   15.1%
3Justice for Jamie
   4.8%
4Bonsai kitten
   4.2%
5Budweiser frogs screensaver
   4.1%
6Meninas da Playboy
   3.8%
7MSN is closing down
   3.0%
8Bill Gates fortune
   2.8%
9MySpace J_Neutron07 virus
   1.9%
10WTC Survivor
   1.6%
Others40.1%

"This month's number one, the Olympic Torch hoax, warns recipients that their hard disk will be 'burned' if a certain attachment is opened," said Theriault. "Meanwhile, the popular MySpace online community is beginning to experience hoaxes of its own as members spread bogus warnings to each other. Hoaxes and chain letters like these cause users to panic, and it's wise to remember to always think twice and check the facts before forwarding an email warning."

Graphics of the above top ten virus chart are available.