Sophos, a world leader in protecting businesses against viruses,
spyware and spam, has revealed the top ten viruses and hoaxes
causing problems for businesses around the world during the month
of July 2005.
The report, compiled from Sophos's global network of monitoring
stations reveals that Netsky-P, the worm written by the recently
convicted German teenager, Sven Jaschan, tops the charts this
month. However, it is the variants of the Mytob worm that are
dominating the polls - accounting for seven of the top ten
positions and over 37% of all viruses reported to Sophos in
The top ten viruses in July were as follows:
"The sheer volume and range of the Mytob worms sees them hog
most positions in the virus chart. It's not the viciousness of the
worm that is the problem, but the constant onslaught of slightly
differing variants," said Carole Theriault, security
consultant, Sophos. "This month's only new entry into the chart is
another family member - Mytob-CX, and despite accounting for only
3.2% of viruses in July, it shows that the Mytob threat continues
to plague computer users."
SophosLabs, Sophos's global network of virus, spyware and spam
analysis centres, has analysed and provided protection against
hundreds of different Mytob variants, but new versions continue to
be released by virus writers and hackers.
"The Mytob army of malware is one of the biggest we have ever
seen," continued Theriault. "The criminals behind these attacks are
constantly releasing new viral code to do their dirty work for
Most of the variants infect networks via email and many are able
to take advantage of known software vulnerabilities, for which
security patches are available. Many versions are also equipped
with malicious code that enables them to communicate with the
outside world - though Sophos points out that these can be
contained by a firewall. Some new variants of the worm have even
adopted a trick commonly used by phishers, where an email message
directs recipients to a website. When they visit the site, they
involuntarily download the Mytob worm.
"The good news is that although the Mytob army is tricky, it is
controllable," continued Theriault. "Businesses can tackle these
worms so long as they keep multi-layered anti-virus protection,
firewalls and security policies fully updated, which will prevent
them from turning off the network's anti-virus protection." In
order to minimise exposure to viruses, Sophos recommends that
companies deploy a policy at their email gateway which blocks
unwanted executable attachments from being sent into their
organisation from the outside world. Companies should also run
up-to-date anti-virus software, firewalls and install the latest
Sophos identified and protected against 1,380 new viruses in
July. The total number of viruses Sophos now protects against is
107,598. Its research shows that 2.1%, or one in 47 emails,
circulating during the month of July were viral - a slight decrease
on the previous month, when one in 43 emails were infected.
The top ten hoaxes reported to Sophos during July 2005 were as
"The ICE virus hoax has jumped on the coat-tails of a legitimate
email campaign designed to encourage users to enter an 'In Case of
Emergency' number into their mobile phones in the wake of the
bombings in London. The hoax, however, tries to fool people into
believing that following the advice opens them up to a possible
mobile virus infection, which is complete poppycock," said
Theriault. "Apart from that, the hoax chart sees little movement
this month - with several of the same old faces cropping up. The
Hotmail hoax holds the number one spot for the 13th month and has
increased its domination by over ten percent."
"The Hotmail hoax continues to be the most prevalent, increasing
this month to more than 20% of all reported hoaxes, " continued
Theriault. "The best advice for hoaxes hasn't changed: avoid
forwarding or responding to unsolicited emails. Instead, simply
delete them to save your business's bandwidth from being gobbled up
by this drivel."
Sophos has made available a free, constantly updated information feed for intranets and
websites which means users can always find out about the latest
viruses and hoaxes.
Graphics of the above top ten virus chart are available here.
More information about safe
computing, including anti-hoax policies.