03 Dec 2007

Three-year-old worm accounts for almost a quarter of email-borne malware, reports Sophos

Rise of old-timer indicates too many users failing to protect their systems

IT security and control firm Sophos has revealed the most prevalent malware threats and countries causing problems for computer users around the world during November 2007.

The study, compiled by Sophos's global network of monitoring stations, has shown that old-timer Traxg has leapt to number two in the chart, accounting for nearly 25 percent of all recorded email-borne malware in November, despite first being detected more than three years ago in October 2004. Pushdo once again topped the chart in November, in a month that has seen the malware author continue to release a number of variants, including the latest offering - a naked video of Britney Spears - in an attempt to entice and dupe unwary users.

Top ten email-based malware threats

The top ten list of email-based malware threats in November 2007 reads as follows:

| Position | Last month | Malware | Percentage of reports |
|---|---|---|---|
| 1 | 1 | Troj/Pushdo | 29.3% |
| 2 | New | W32/Traxg | 23.6% |
| 3 | 2 | W32/Netsky | 17.8% |
| 4 | new | Mal/Dropper | 5.4% |
| 5 | 4 | W32/Zafi | 5.0% |
| 6 | 5 | W32/Mytob | 4.8% |
| 7 | re-entry | W32/Flcss | 3.3% |
| 8 | 8 | W32/MyDoom | 2.9% |
| 9 | re-entry | W32/Strati | 2.8% |
| 10 | re-entry | W32/Bagle | 1.0% |
| Others | | | 4.1% |

"Traxg hurtling into second position this month has come as a complete surprise, and the fact that unsophisticated worms are still slipping through the net at such a rate of knots is a clear indication that huge numbers of users, and potentially companies, are failing to install even basic anti-virus protection," said Graham Cluley, senior technology consultant at Sophos. "In first place, Pushdo continues to wreak havoc. A clear reason for its ongoing success is the guilty cybercriminal's ability to quickly create different variants, which are being spread voraciously in a range of spam messages. Each new piece of spam that harbours the trojan has been created to tempt users, and whether it's enticing them to watch videos of Britney or view naked pictures of Angelina, this fraudster's tactics are certainly working."

Overall in November, 0.1 percent of emails were carrying malicious email attachments, or one in every 1,000. Meanwhile, web attacks have risen this month, with Sophos detecting 7,500 new infected webpages every day, an increase of more than a third when compared to the same period in October.

Top ten web-based malware threats

The top ten list of web-based malware threats in November 2007 reads as follows:

| Position | Last month | Malware | Percentage of reports |
|---|---|---|---|
| 1 | 1 | Mal/IFrame | 69.6% |
| 2 | 3 | Mal/ObfJS | 11.6% |
| 3 | 2 | Troj/Unif | 3.7% |
| 4 | 5 | Troj/Decdec | 2.3% |
| 5 | 4 | Troj/Fujif | 1.2% |
| 6 | New | W32/Feebs | 1.0% |
| 7= | 7 | Mal/Packer | 0.7% |
| 7= | New | Troj/Unsc | 0.7% |
| 9 | re-entry | Mal/Behav | 0.6% |
| 10 | re-entry | Mal/FunDF | 0.5% |
| Others | | | 8.1% |

Mal/IFrame once again topped the chart this month, accounting for more than two thirds of all infected web pages found in November, with Mal/ObfJS also maintaining its position in second place. Elsewhere in the chart, Unsc, a Trojan that attempts to download malicious code from the web, has made a first appearance at number seven. Meanwhile, webpages hosted in China continue to be plagued by Mal/IFrame, and overall the country hosted more than 50 percent of this month's infected webpages.

Top ten countries hosting malware on the web

The top ten list of countries hosting malware-infected webpages in November 2007 reads as follows:

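| Position | Last month | Country | Percentage of reports |
|---|---|---|---|
| 1 | 1 | China (inc. HK) | 55.2% |
| 2 | 3 | United States | 19.7% |
| 3 | 3 | Russia | 11.4% |
| 4 | 4 | Ukraine | 2.0% |
| 5 | 9 | Germany | 1.6% |
| 6 | New | Turkey | 1.4% |
| 7 | 6 | Canada | 0.8% |
| 8= | 7 | United Kingdom | 0.7% |
| 8= | Re-entry | Poland | 0.7% |
| 10 | New | France | 0.6% |
| Others | | | 5.9% |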

"The big three - China, the US and Russia - continue to dominate the chart, accounting for more than 85 percent of all infected webpages world-wide," continued Cluley. "Despite this, the fluctuation in the rest of the chart, highlighted by the four new entries this month, shows that this is very much a global problem. To stop it turning into a major pandemic, web hosts throughout the world would be well advised to clean up their sites and quash the hackers by installing web security protection."

Top ten hoaxes and scams

The top ten list of email hoaxes and scams in November 2007 reads as follows:

| Position | Hoax | Percentage of reports |
|---|---|---|
| 1 | Olympic torch | 10.1% |
| 2= | Hotmail hoax | 5.8% |
| 2= | A virtual card for you | 5.8% |
| 4 | Parcel Delivery Service scam | 4.8% |
| 5 | A Vida é Bela | 3.4% |
| 6 | MSN is closing down | 2.3% |
| 7= | Welcome to the Matrix | 2.2% |
| 7= | Bum_tnoo7 Facebook hacker | 2.2% |
| 9 | Bill Gates fortune | 2.1% |
| 10 | Applebees Gift Certificate | 1.7% |
| Others | | 59.6% |

Sophos experts have compiled simple best practice guides to adopting a multi-layered defense. With blended threats, spam and phishing attacks on the rise, it has never been more important to educate end users about how best to protect themselves.

Sophos recommends companies protect themselves with a consolidated solution which can control network access and defend against the threats of spam, hackers, spyware and viruses.

About Sophos

More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing complete security solutions that are simple to deploy, manage, and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, mobile and network security solutions backed by SophosLabs - a global network of threat intelligence centers.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.