Application security

Familiar malware tops in April


An old favorite found its way back to the top of one virus tracking list last month.

Netsky-P, ranked as the second most widespread virus last month, moved to the top of Sophos' top ten malware threats for April, accounting for 18.5 percent of reports.

Netsky-P replaced Zafi-B, last month's leader, which accounted for nearly 17 percent of all reports in April.

The percentage of email viruses and worms reported – 86 percent of all threats during April were trojans – continued to decline, according to Sophos' report.

"While email worms occupy the top spots, it's clear that trojan horses represent by far the most prominent threat to IT security," said Carole Theriault, senior security consultant at Sophos. "Trojans are constantly being fine-tuned by hackers to catch out specific targets. As they are likely to be more difficult to identify, there's a danger that more individuals will make the mistake of clicking on an unsolicited attachment or a dubious weblink."

Because long-established, mass-mailing threats continue to dominate the top ten rankings, it's obvious that malicious users are focusing their time on developing more targeted new malware, according to Sophos.

"While traditional email worm threats such as Netsky-P secured top rankings this month, the overwhelming proportion of malware criminals shifting to trojan infiltration make it the most ominous threat for computer users," said Ron O'Brien, senior security analyst for Sophos. "Today's cyber criminals are continually seeking novel tactics to lure both unsuspecting, and now ever more fearful, computer users as targeted attacks for financial gain are quickly becoming the norm."

The Nyxem-D worm, also known as the Kama Sutra Worm, finished the month in third place, with 8.5 percent of reports. MyDoom-AJ and Netsky-D finished tied for fourth place with 3.9 percent of reports.

Meanwhile, the Mytob.c worm dominated the Kaspersky Lab top 20 for April, compiling more than 26 percent of viruses reported to the company. Eight other versions of the Mytob worm appear in the rankings.

The email worm NetSky.t finished with nine percent of the reported virus activity for last month.

April was also notable because all versions of the Zafi worm disappeared from the rankings, according to the Kaspersky report.

"I was surprised it lasted as long as it did," said Shane Coursen, senior technology consultant at Kaspersky. "I was actually surprised to see it make as much of a splash as it did."

Coursen added that researchers are seeing minor changes in viruses on a month-to-month basis that do now show up in top ten lists.

"As researchers, we continue to see some adjustments inside the code," he said. "It proves the malware writers are making adjustments."

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.