In this section

• Home
• Press office
• News archive
• Articles
• 2007
• 01

• Journalists' guide
• News archive

Talk to our experts

• Press contacts

Resources

• Sophos Podcasts
• Image gallery
• Customer case studies
• Free anti-virus
• White papers
• Awards and reviews
• Industry affiliations

Sophos blogs

• SophosLabs blog
• Graham Cluley's blog
• Paul Ducklin's blog
• Chet's blog

Info feeds

• Security news
• Company news
• More...

What are info feeds?

3 January 2007

Top ten malware threats and hoaxes reported to Sophos in December 2006 New Year's greeting worm topples Stratio as most prevalent malware

Sophos, a world leader in IT security, has revealed the most prevalent malware threats and email hoaxes causing problems for computer users around the world during December 2006.

The figures, compiled from Sophos's global network of monitoring stations, show that the long-established Dref malware has made an unexpected return to the top of the threat chart, thanks to two new variants currently causing problems for computer users worldwide.

The Dref-V mass-mailing worm, which poses as a New Year e-card, was discovered on December 30, 2006, and by the following day accounted for 93.7% of infected emails. As a result, Dref - which was first seen in July 2005 - has knocked last month's main offender Stratio (also known as Stration) off the top of the chart. Stratio, currently in fourth place, now accounts for just 7.8% of the total.

The top ten list of malware threats in December 2006 reads as follows:

Position	Last month	Virus	Percentage of reports
1	New	Dref	35.2%
2	2	Netsky	22.2%
3	8	Mytob	10.7%
4	1	Stratio	7.8%
5	3	Bagle	5.2%
6	4	Zafi	4.8%
7	6	MyDoom	3.3%
8	9	Sality	2.8%
9	6	Nyxem	1.3%
10	New	StraDl	0.9%
Others			5.8%

"Dref has been spammed out far and wide in the last few days, and there's a danger that in the rush to get through the backlog of holiday emails, people might return to work and accidentally launch the malicious attachment," said Carole Theriault, senior security consultant at Sophos. "Its social engineering tactics are not new, so most businesses should have adequate defenses in place to tackle the worm. Having spread for only two days during the entire month, it is astonishing that Dref has secured the top position for most widespread piece of malicious code."

The proportion of infected email continues to remain low, at just one in 337 (0.30%), while during December Sophos identified 6,251 new threats, bringing the total number of malware protected against to 207,684.

The top ten hoaxes and chain letters in December 2006 were as follows:

Position	Hoax	Percentage of reports
1	Hotmail hoax	23.1%
2	Olympic torch	9.4%
3	Elf Bowling	5.6%
4	Applebees Gift Certificate	4.4%
5	Sainsbury's gift vouchers	3.7%
6	Bonsai kitten	3.3%
7	A virtual card for you	3.0%
8	ATM Theft	2.3%
9	Meninas da Playboy	2.2%
10	Budweiser frogs screensaver	2.1%
Others		40.9%

Graphics of the above top ten malware chart are available.

• Bookmark with del.icio.us
• Submit this story to digg
• Submit this story to slashdot

About Sophos

More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.

See also:

• Dref-V email worm spreads malicious Happy New Year greeting
• Listen to Sophos podcasts
• Free notification of new viruses found in the wild