Old standbys Klez, Yaha still spreading

After a furious start to 2003 for new viruses and worms, March was a relatively quiet month.

Despite heightened fears about cyberwarfare, March was a pretty slow month for new viruses and worms.

"Central Command saw no major changes in this month's Dirty Dozen," said Steven Sundermeier, product manager of Central Command, Inc. Klez-E and Yaha-E held onto the Nos. 1 and 2 positions with 21.6% and 10.8%, respectively.

Sophos' highest new entry for the month shows the popularity of the Kazaa peer-to-peer file sharing network, said Graham Cluley, senior technology consultant at the antivirus vendor.

"This month's highest new entry is Gibe, a worm which spreads via the Kazaa network. Businesses need to have a long hard think about whether these applications have a valid place on their networks," he said.

The Lirva or Avril worm also held on in March. It appears it may have a longer run than its namesake Canadian pop princess Avril Lavigne. Also, JS-NoClose, a JavaScript Trojan, also popped up on a couple of the lists. It tries to access other Web sites, which often contain ads or pornography, without the system user's permission.

Here are the top viruses and worms according to leading antivirus vendors:

Sophos' top 10 viruses and worms for March:
1. W32/Klez-H (Klez variant) 15.3%
2. W32/Sobig-A (Sobig worm) 5.2%
3. W32/Gibe-D (Gibe variant) 4.4%
4. W32/Avril-B (Avril variant) 3.2%
5. W32/Yaha-E (Yaha variant) 3.0%
6. W32/Avril-A (Avril worm) 2.6%
7. W32/Yaha-K (Yaha variant) 2.4%
8. W32/Bugbear-A (Bugbear worm) 2.2%
9. JS/NoClose (NoClose Trojan 2.0%
9. W32/Lovgate-B (Lovgate variant) 2.0%
Others 57.7%

Central Command's Dirty Dozen for March:
1. Worm/Klez.E (includes G) 21.6%
2. W32/Yaha.E 10.8%
3. Worm/Yaha.M 8.9%
4. Worm/Avril.B 6.4%
5. Worm/Sobig.A 6.3%
6. Worm/Avril.A 5.8%
7. Worm/BugBear 4.6%
8. W32/Funlove 2.3%
9. Worm/Yaha.L 2.0%
10. Worm/Sircam 1.7%
11. W32/Nimda 1.4%
12. Worm/Badtrans.B 1.1%
Others 27.1%

Trend Micro's list of the top 10 viruses for March:
1. PE FUNLOVE.4099
2. WORM KLEZ.H
3.JS NOCLOSE.E
4. PE ELKERN.D
5. PE NIMDA.A-O
6. PE PARITE.A
7. BKDR GLITCH.B
8. WORM YAHA.G
9. PE NIMDA.E
10. WORM YAHA.K


FOR MORE INFORMATION:

SearchSecurity.com news exclusive: "Deloder worm preys on poor passwords"

SearchSecurity.com news exclusive: "New Code Red variant packs little punch"

Best Web Links on malicious code

InfoSec Know IT All trivia: Virus protection

This Content Component encountered an error

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close