Cyber criminals fuel 2005 malware explosion

This year has seen the number of new malware threats rise by a staggering 48 percent, according to new research.

The analysis from Sophos reveals that, to date, the lingering Zafi-D worm has taken the No. 1 spot in the virus chart this year, while 2004's hardest-hitting virus, Netsky-P, has dropped to second place. In contrast, Sober-Z - only unleashed in November 2005 - has already climbed to third position as it continues to disrupt and clog networks worldwide.

The Sophos Security Threat Management Report 2005 reveals that on average, one in every 44 emails was viral during 2005. This rose to one in 12 during major outbreaks, while 15,907 new malware threats were identified. The top 10 viruses of the year are as follows:

Pos   Name       Percentage   First seen
1.    Zafi-D     16.7%        December 2004
2.    Netsky-P   15.7%        March 2004
3.    Sober-Z    6.0%         November 2005
4.    Sober-N    4.3%         May 2005
5.    Zafi-B     4.0%         June 2004
6.    Mytob-BE   3.9%         June 2005
7.    Mytob-AS   3.8%         June 2005
8.    Netsky-D   3.0%         March 2004
9.    Mytob-GH   1.9%         October 2005
10.   Mytob-EP   1.8%         June 2005
      Others     38.9%

"Don't let the figures fool you - old-timers may head up the top 10, but the enormous rise in the number of new threats shows that 2005 has been anything but quiet on the malware front," said Graham Cluley, senior technology consultant at Sophos.

"This huge increase stems from the escalating interest in authoring Trojans, worms and viruses shown by criminal gangs intent on making a profit. By focusing their efforts on a smaller number of victims, cyber criminals can target them with bespoke malware, increasing their chances of slipping under the security net."

While all of the top 10 threats are Windows-based worms, the number of Trojan horses written during 2005 outweighs worms by almost 2:1. In addition, the percentage of malware that includes spyware components rose from 54.2 percent in January to 66.4 percent by the end of the year.

These figures reinforce the notion that malware authors are engaging in targeted attacks, rather than widespread bombardment, and also help explain a rise in the amount of spam spewed out by zombie computers - now accounting for over 60 percent of the world's spam.

"Unlike viruses or worms, Trojans cannot replicate on their own, meaning that they must be deliberately emailed or planted on websites in order to spread. It's more and more common for new trojans to become widespread after being spammed en masse from zombie computers," added Cluley.

"It's no surprise that most of the top 10 threats allow hackers to gain access to an infected PC, enabling them to create a zombie, steal information and dish out their malware from under the nose of unsuspecting users."

The study estimates that unprotected computers have a 40 percent chance of being infected by an internet worm within 10 minutes, turning them into a zombie under a remote hacker's control.

According to the report, pornographic spam and messages attempting "pump-and-dump" stock scams have surged.
