Bugbear worm top scoundrel for October

The Bugbear worm ended Klez's reign atop the monthly virus charts.

The Bugbear worm dislodged Klez as the top piece of malicious code for October, ending Klez's seven-month stay atop the monthly virus lists of leading antivirus vendors and research firms.

FOR MORE INFORMATION:
Virus alert: Bugbear
Past Virus Roundups
September
August
July
June
May
April
Feedback on this story? Send your comments to News Writer Edward Hurley

Bugbear surfaced late in September and steadily traveled on networks through the first week of October. Bugbear is also called Tanat, Tanatos, WORM_NATOSTA.A and W32/Bugbear@MM.

"There was a brief period during the month when Bugbear accounted for nearly 60% of all total infection reports," said Steven Sundermeier product manager at Medina, Ohio-based Central Command, Inc.

Bugbear's author copied a lot of functionalities of Klez. For example, Bugbear takes advantage of a MIME and an IFRAME vulnerability in some versions of Microsoft Outlook, Microsoft Outlook Express and Internet Explorer. As a result, the attached worm can execute without the attachment being clicked on.

But unlike Klez, Bugbear dropped a key-logging program into infected systems. The program can harvest passwords, user names, credit card numbers and other sensitive information. The worm also opens a back door on port 36794, which can allow the worm's writer or others to steal that information.


Below are the monthly virus numbers from different antivirus vendors:

Kaspersky Labs' top 20 viruses for the month of October:
1. I-Worm.Tanatos 44.9%
2. I-Worm.Lentin 21.6%
3. I-Worm.Klez 14.0%
4. Macro.Word97.Thus 3.1%
5. I-Worm.Hybris 1.1%
6. I-Worm.Magistr 1.0%
7. Macro.Win97.Marker 1.0%
8. I-Worm.Sircam 0.7%
9. Macro.Word97.Flop 0.7%
10. Macro.Word97.Ethan 0.5%
11. Macro.Word97.TheSecond 0.5%
12. Macro.Word97.Onex 0.4%
13. Macro.Word97.Story 0.3%
14. I-Worm.Cervivec 0.3%
15. Joke.Win32.Train 0.3%
16. Backdoor.Death 0.3%
17. Macro.Word97.Dig 0.3%
18. Macro.Word97.Melissa 0.3%
19. Trojan.PSW.Gip.113 0.2%
20. Trojan.Win32.Erase2002 0.2%

Sophos' top ten viruses for the month:
1. W32/Bugbear-A 77.6%
2. W32/Klez-H 6.2%
3. W32/Opaserv-A 2.5%
4. W32/Yaha-E 1.1%
5. W32/Badtrans-B 0.8%
6. W32/Nimda-D 0.7%
W32/Opaserv-C 0.7%
W32/Opaserv-D 0.7%
W32/ElKern-C 0.6%
10. W32/Opaserv-B 0.5%
Others 8.6%

Central Command's top 12 viruses and worms for the month:
1. Worm/Klez.E (incl. G variant) 23.4%
2. Worm/BugBear 20.9%
3. W32/Yaha.E 11.5%
4. W32/Elkern.C 8.2%
5. Worm/W32.Sircam 6.0%
6. W32/Nimda 4.4%
7. W32/Magistr.B 3.8%
8. W95/CIH 3.1%
9. W95/Hybris 2.9%
10. W32/Funlove 1.4%
11. W32/Magistr.A 1.2%
12. Worm/Opasoft 0.7%
Others 12.5%

Dig deeper on Malware, Viruses, Trojans and Spyware

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close