Application security

Late-emerging New Year’s scam was December’s top virus

A worm posing as a New Year's greeting has been ranked as last month's most widespread virus, despite not appearing until Dec. 30.

The malware is a variant of the familiar Dref mass-mailing worm, first seen in July 2005. Posing as a Happy New Year e-card, Dref-V accounted for nearly 94 percent of all infected emails on Dec. 31, according to Sophos' monthly threat report.

All Dref variants totaled 35 percent of malware threats for last month, with Netsky second with 22 percent.

November's highest ranking virus, Stratio, ranked fourth with nearly eight percent of all malware, while Mytob accounted for nearly 11 percent.

Bagle was the only other virus with more than five percent of the total, ranking fifth in December malware.

The overall percentage of infected email was 0.3 percent, although the firm spotted 6,251 new threats last month.

Meanwhile, a Hotmail scam was December's top hoax or chain letter, according to Sophos, accounting for more than 23 percent of all such unwanted email.

Olympic torch virus (9.4 percent), elf bowling (5.6 percent), Applebee's gift certificate (4.4 percent) and Sainsbury's gift voucher (3.7 percent) hoaxes rounded out the month's top five.

Ron O'Brien, senior security analyst for Sophos, said crammed inboxes following a holiday break make enterprises more vulnerable to email-borne malware.

"Businesses are particularly vulnerable after a holiday because employees return from vacation to find inboxes overflowing with email messages," he said. "Many of these may be annoying spam, but innovative techniques can compel even the most savvy user to click on an attachment to follow a link to a website that contains malicious content. The speed with which Dref spread can online be attributed to unsuspecting users opening attachments from unknown sources."

Click here to email Online Editor Frank Washkuch Jr.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.