Virus infections down in July; Klez still reigns

Virus infections down in July; Klez still reigns

There was some good news and some bad news about the virus landscape last month.

RECENT VIRUS COVERAGE:
SearchSecurity news exclusive: "Surnova worm takes liking to peer-to-peer, IM networks "

SearchSecurity news exclusive: "New worm preys on password promise"

SearchSecurity news exclusive: "Five ways to be virus-free"
Feedback on this story? Send your comments to News Writer Edward Hurley

Good news: Viruses were down in July, according to antivirus vendor Central Command.

Bad news: The Klez worm still tops the virus lists after more than three months spreading.

Klez still topping the lists proves that people are not protecting themselves perhaps as best they should. The worm searches a host of files on infected systems then mails itself. Klez also conceals which system it comes from by making it appear an infected message came from a different person.

On a brighter side, Central Command found a slight decrease in virus infections in July compared to June. "Whether this is due to an increasing awareness of malicious code or simply because more users are on vacation and away from their computers, it's a trend we hope will continue," said Steven Sundermeier, product manager at Central Command, Inc.

Two other worms made some noise in July. For example, the Yaha worm showed up on several antivirus companies' top lists. It was even used as a crude denial-of-service on the Pakistan governement's Web site, said Chris Wraight, technology consultant at Sophos.

The Frethem worm also saw some success in July. Frethem arrives with a subject line of "Re: Your password," which has tricked many users into opening the infected attachment.

Below are the monthly virus numbers from different antivirus vendors:

Kaspersky Labs 's top 20 list of viruses and worms for July
1. I-Worm.Klez     84.28%
2. I-Worm.Lentin     9.24%
3. Win95.CIH    0.93%
4. I-Worm.Frethem    0.9%
5. I-Worm.Desos    0.28%
6. Win32.FunLove    0.15%
7. I-Worm.Hybris.b    0.12%
8. I-Worm.BadtransII    0.1%
9. I-Worm.Magistr     0.09%
10. Win32.Elkern.c     0.07%
11. I-Worm.HappyTime     0.07%
12. I-Worm.Kitro    0.06%
13. Win32.Kriz     0.05%
14. Macro.Word97.Thus    0.05%
15. Backdoor.VB    0.05%
16. I-Worm.Duni    0.03%
17. Backdoor.CyberSpy    0.03%
18. Backdoor.Casus    0.03%
19. Win95.Tecata     0.03%
20. Macro.Word97.Nori    0.03%

MessageLabs top ten malicious code for the last four weeks (through Aug. 2)
1.W32/Klez.H-mm
2.W32/Yaha.E-mm
3.W32/SirCam.A-mm
4.W32/Klez.E-mm
5.W32/Magistr.B-mm
6.W32/Hybris.B-mm
7.W32/Frethem.L-mm
8.W32/Magistr.A-mm
9. W32/Frethem.F-mm
10.W32/MTX-m

Trend Micro's top list of viruses for the last 30 days (through Aug. 2)
1. Worm Klez.H
2. PE Funlove.4099
3. PE Elkern.D
4. PE Nimda.E
5. Worm Sircam.A
6. Worm Liac.A
7. Worm Yaha.E
8. JS Exception.Gen
9. HTML Ifrmexp.Gen
10. PE Kriz.4029

Command Central's most prevalent viruses list
1. Worm/Klez.E (includes G variant)    57.3%
2. W32/Elkern.C   16.8%
3. Worm/W32.Sircam   4.3%
4. W32/Yaha.E   2.6%
5. W32/Nimda    2.6%
6. Worm/Frethem.L   2.2%
7. W32/Magistr.B   2.0%
8. W95/Hybris   1.6%
9. Worm/Badtrans.B   0.9%
10. W95/CIH   0.5%
11. W32/Funlove   0.3%
12. W32/Magistr.A   0.3%
Others:    6.8%

Sophos' top list of viruses
1. W32/Klez-H (Klez variant)    17.7%
2. W32/Frethem-Fam (Frethem)     17.0%
3. W32/Yaha-E (Yaha variant)    16.8%
4. W32/Badtrans-B (Badtrans variant)    5.8%
5. W32/ElKern-C (ElKern variant)    3.7%
6. W32/Magistr-B (Magistr variant)    2.5%
7. W32/Hybris-B (Hybris variant)    1.9%
8. W32/Klez-E (Klez variant)    1.7%
9. W32/Nimda-A (Nimda variant)    1.5%
10. W32/Magistr-A (Magistr variant)    1.3%
Others:   30.1%

Dig deeper on Security Resources

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close