Mytob worm grabs first place in 2006's malware chart

January 26, 2007 Sophos Press Release

Sophos, a world leader in protecting businesses against viruses, spyware and spam, has revealed the top ten malware threats of the last 12 months, in its indepth report into the year's most pressing security issues.

The 'Sophos Security Threat Report 2007' - which can be downloaded here - was compiled by the experts at SophosLabs™, and reveals that although the proportion of infected email fell from 1 in 44 in 2005 to just 1 in 337 (0.3%) in 2006, there was nevertheless some high-profile malware dropping into users' inboxes. Worms such as Mytob, Netsky and Sober spread widely via email in 2006.

The top ten malware families of the year, reported at Sophos's global network of monitoring stations, are as follows:

Position Malware Percentage
1 W32/Mytob
29.9%
2 W32/Netsky
20.8%
3 W32/Sober
17.7%
4 W32/Zafi
8.0%
5 W32/Nyxem
5.6%
6 W32/Bagle
5.5%
7 W32/MyDoom
3.8%
8 W32/Stratio
1.3%
9 Troj/Clagger
1.0%
10 W32/Dref
0.9%
Others 5.5%

"The list of top ten malware families reveals that variants of the Mytob worm continue to plague insufficiently protected users around the globe. Mytob first emerged in March 2005, yet people are still being infected by this email-aware worm," said Graham Cluley, senior technology consultant for Sophos. "With thousands of different variants of Mytob, many of which are hidden within bespoke compression code, it is likely to continue to hit unprotected computer users in 2007."

18-year-old Farid Essebar, a Russian-born resident of Morocco, who used the online handle "Diabl0", was sentenced to two years in jail in September for spreading the Zotob worm. Evidence found within some Mytob variants suggests that he was also involved in their creation.

The Sophos security report also unmasks the United States is the number one country for malware hosting and spam-relaying.