The Month: ThreatStats - Virus landscape is dominated by strong pair as peak outbreak season approaches

By on

Position Change Name Percentage
1 0 Net-Worm.Win32.Mytob.c 25.32%
2 0 Email-Worm.Win32.Nyxem.e 24.24%
3 +1 Email-Worm.Win32.NetSky.b 5.84%
4 -1 Email-Worm.Win32.LovGate.w 5.83%
5 +2 Net-Worm.Win32.Mytob.q 3.14%
6 +5 Email-Worm.Win32.NetSky.y 3.03%
7 +1 Net-Worm.Win32.Mytob.u 2.97%
8 -2 Net-Worm.Win32.Mytob.t 2.97%
9 +7 Net-Worm.Win32.Mytob.w 2.07%
10 +4 Net-Worm.Win32.Mytob.r 1.64%

Mytob.c held off a strong challenge from Nyxem.e to top the July virus chart. In June, Nyxem.e stormed the virus chart, re-entering at number two after a lengthy absence. The virus was expected to nab the number one spot in July, but Mytob.c proved too strong, edging out Nyxem.e by just one per cent.

Kaspersky Lab also highlights the fact that we are about to enter the month synonymous with huge virus outbreaks. Alexander Gostev, senior virus analyst, at Kaspersky Lab, says: "August is traditionally the month for epidemics. We saw Lovesan in 2003, numerous Mydoom variants in 2004, and Mytob/Bozori (aka Zotob) in 2005. However, nearly all of these outbreaks were preceded by the disclosure of Windows vulnerabilities. So the answer to the question whether there will be an epidemic this August will depend on whether new vulnerabilities are found."

Source: Kaspersky Lab

Virus First Outbreak
threat anti-virus filter
Virus Date level signature lead time
raised available
Troj_Yabe.R 4/7/06 13:34 5/7/06 18:42 29:08 hrs
Troj/Cimuz-AP 5/7/06 13:51 7/5/06 15:06 1:15 hrs
Troj/Clagger-W 11/7/06 13:47 11/7/06 16:16 2:29 hrs
Troj/Harnig-AH 13/7/06 07:27 13/7/06 13:12 5:48 hrs
Troj/Downloader-AJB 17/7/06 09:01 17/7/06 10:19 1:18 hrs
Troj_Dloader.DHX 18/7/06 03:59 18/7/06 05:22 1:23 hrs
Troj_Goldun.AQ 18/7/06 8:10 19/7/06 01:27 17:17 hrs
Troj/Clagger-X 20/7/06 10:02 20/7/06 10:38 0:36 hrs
Troj/SmDldr-K 20/7/06 03:40 20/7/06 10:38 6:58 hrs
Troj/Dloadr-AJK 20/7/06 13:43 20/7/06 13:52 0:09 hrs
Troj/Goldun-DJ 23/7/06 08:52 23/7/06 13:24 4:32 hrs
BKDR.HaxDoor.GP 23/7/06 22:56 24/7/06 16:51 17:55 hrs

Almost all new threats recorded in July were trojans. The most
successful one was Yabe.R, which caught 29 hours before the first
signature was released. End-user education remains the main hurdle to
stopping email viruses.
Source: IronPort.

Position Name Percentage
1 Olympic torch 12.8%
2 Hotmail hoax 10.6%
3 Justice for Jamie 4.5%
4 Bonsai kitten 4.0%
5 Meninas da Playboy 3.1%
6 Budweiser frogs screensaver 2.6%
7 Bill Gates fortune 2.6%
8 MSN is closing down 2.4%
9 Mobile phone hoax 2.3%
10 A virtual card for you 1.9%
Others 53.2%

There has been little change in the world of hoaxes this month. Apart
from the fact that the Olympic torch and Hotmail hoax have swapped
places at the top, the top ten has remained static.
Source: Sophos.

The August Top 10 Spyware Threats shows the severe threats reported
between 1 and 31 July. The percentage is based on number of times each
threat was found divided by the number of scans run. These threats are
classified moderate to severe based on method of installation among
other criteria. The majority of these threats propagate through stealth
installations or social engineering.
Source: Sunbelt Software.

1 DesktopScam A trojan that is downloaded with
rogue security applicatons in order
to frighten the affected user into
purchasing the rogue program. 2.94

2 Zlob.Media-Codec A trojan that installs rogue security
software on the infected machine
without notice and consent. 1.17

3 Trojan.WinlogonHook. A backdoor trojan that gives an
Delf.A attacker the ability to control the
infected machine without the user's
knowledge. 1.07

4 Virtumonde An adware program that displays
pop-up advertisements on the
desktop and also downloads other
software from various remote
servers. 1.01

5 SpywareQuake A purported anti-spyware application
that scans for and removes
spyware from users' computers. 0.93

6 Looking-For.Home Home Search Assistant is an IE
Search Assistant browser helper object that changes
the user's home page and modifes
search results. It also spawns
pop-ups. 0.90

7 Command Service An adware application that opens
pop-ups and displays advertising on
the user's desktop while browsing
web pages. It is installed by a
number of drive-by downloaders,
including IE-Plugin. 0.75

8 Zango.CommonElements Displays third-party advertising
on the PC. The ads can take
several forms, including pop-ups,
banners or links embedded within
web pages 0.72

9 Zango.SearchAssistant Opens new browser windows showing
websites based on the previous
websites visited. 0.70

10 DollarRevenue An adware program that spawns
pop-up advertising on the desktop
and downloads other adware. 0.68

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition

Most Read Articles

Log In

  |  Forgot your password?