Sophos, a world leader in protecting businesses against viruses,
spyware and spam, has revealed the top ten viruses and hoaxes
causing problems for businesses around the world during the month
of January 2006.
The report, compiled from Sophos's global network of monitoring
stations, reveals that a staggering 2,312 new pieces of malware
have been recorded this month - an increase of more than a third on
December's figures. Following its rampant domination of the chart
in December 2005, Sober-Z, while still the worst offender this
month, stopped spreading after 6 January, signalling the end of its
monopoly. The fall of Sober-Z early in the month has led to a
shake-up in the rest of the chart, including the entry of the new
Kama Sutra worm (Nyxem-D) and the re-entry of two previously
The top ten viruses in January were as follows:
The Sober-Z worm, which sent itself as an email attachment and
attempted to turn off security software on the user's computer, is
no longer a concern to users, but the fact that it stopped
spreading in the first week of January and still accounts for
almost 45% of malware reported to Sophos this month demonstrates
the potency of the attack.
Nyxem-D, the Kama Sutra worm, which was first seen on 18
January, propelled itself into the charts this month at number
four. The email worm uses a variety of pornographic disguises in an
attempt to spread and disable security software. Nyxem-D is also
programmed to overwrite
files on Friday 3 February.
"In many ways the Kama Sutra worm is a throwback to the days
when sexy subject lines and attachment names were often used to
tempt users to open the infected file," said Carole Theriault, senior
security consultant at Sophos. "The bad news for those who have
been infected by the worm is that they run the risk of having their
data wiped by its destructive payload on 3 February. This obvious
sign of infection is a far cry from the stealth tactics employed by
modern cyber criminals, bent on financial gain."
Theriault continued, "The rise of the Kama Sutra worm also shows
the importance of educating employees on safe computing practices -
whether it's opening joke files, pornography or screensavers, there
is always a risk of infection."
Elsewhere in the chart, Netsky-P is hanging on to its top five
place, creeping back up to number two this month.
"Some of these worms have been around for years, and should act
as a wake up call for businesses and users who don't have adequate
protection - these worms are simple to control as long as a
consolidated solution is in place, and their spread would have been
halted if anti-virus updates were applied," continued
Sophos's research shows that 1.4% or one in 70 emails is viral.
The company now identifies and protects against a total of 118,060
viruses, an increase of 2,312 on last month. A hefty proportion of
the new malware written at the moment is Trojan horses, which are
ideal for financially motivated hackers who want to target specific
victims, whilst keeping their code firmly beneath the radar.
In order to minimise exposure to viruses, Sophos recommends that
companies deploy a policy at their email gateway which blocks
unwanted executable attachments from being sent into their
organisation from the outside world. Companies should also run
up-to-date anti-virus software, firewalls and install the latest
The top ten hoaxes reported to Sophos during January 2006 were
"A new chain letter has entered the charts claiming that the MSN
will be closed down unless the bogus email is forwarded to family,
friends and colleagues," said Theriault. "As always, these chain
letters are best deleted as they waste bandwidth."
Sophos has made available a free, constantly updated RSS information feed which means users can always
find out about the latest viruses and hoaxes.
Graphics of the above top ten virus chart are also available.
For more information about the latest trends in viruses, spyware
and spam read the in-depth Sophos Security Threat Management Report