Sophos, a world leader in protecting businesses against viruses,
spyware and spam, has revealed the top ten viruses and hoaxes
causing problems for businesses around the world during the month
of March 2006.
The report, compiled from Sophos's global network of monitoring
stations, reveals that whilst the chart is dominated by
long-established threats, a Trojan horse has penetrated the top ten
for the second consecutive month. This entry of Clagger-I
demonstrates that cyber criminals are continually developing new
multi-pronged attacks and mass spamming campaigns to generate
The top ten malware in March 2006 were as follows:
First seen at the start of March, the Clagger-I Trojan horse was
aggressively seeded by its creator using spam technology, in an
attempt to infect as many people as possible in the shortest amount
of time. Clagger-I was spammed out disguised as an email from
PayPal, but a legitimate message from the online payment service,
commonly used by eBay users, would never contain an attached
"All computer users should treat any unsolicited email
attachments with extreme caution, or they run the risk of being
ripped off," said Graham Cluley, senior
technology consultant at Sophos. "Anyone unfortunate enough to run
malicious software could potentially be allowing hackers to gain
access to their computer to spy, steal and cause havoc. Users need
to savvy-up to reduce the risk of being taken in by greedy,
money-grabbing internet criminals."
The two re-entries this month, MyDoom-AJ in fourth position and
Mytob-Z at tenth, were both first detected in April 2005. These
worm variants have been absent from the top ten for several months,
but this resurgence shows their ongoing potential to cause
"Mytob-Z is a particularly tricky worm - not only can it spread
like wildfire, but it plants a backdoor Trojan horse," continued
Cluley. "Once infection has occurred, the unfortunate user's
computer can then be spied upon or used to send spam or launch
denial of service attacks. The worm's re-entry into the chart this
month is a further indication of cyber criminals employing malware
for their ill-gotten gains. Without a consolidated security
solution in place, businesses and home users risk fighting a losing
battle against financially motivated threats and leave their
computers and networks open to attack."
Nyxem-D, the Kama Sutra worm, which uses a variety of pornographic
disguises in an attempt to spread and disable security
software, is at number three this month. Despite the widespread
publicity this worm has received since it was first detected in
January 2006, it continues to plague and fool users. However, this
worm has failed to topple old-timers Netsky-P and this month's
worst offender, Zafi-B.
Sophos's research shows that 0.9% or one in 108 emails is viral.
The company now identifies and protects against a total of 120,042
email threats, an increase of 850 on last month.
The top ten hoaxes and chain letters in March 2006 were as
"The hoax chart has received a shake-up this month, with the
Hotmail hoax finally being toppled off the top spot after 20
months, and the arrival of two new entries that seem to be fooling
users," said Cluley. "The Olympic torch chain letter, which
recipients that their hard disk will be 'burned' if a certain
attachment is opened, has gathered momentum, leaping up the chart
to number one. By instilling panic in users about the safety of
their computers, the hoaxer has clearly hit on a raw nerve."
Sophos has made available a free, constantly updated RSS information feed which means users can always
find out about the latest viruses and hoaxes.
Graphics of the above top ten virus chart are also available.
For more information about the latest trends in viruses, spyware
and spam read the in-depth Sophos Security Threat Management Report