Old standbys Klez, Yaha still spreading

Article

Old standbys Klez, Yaha still spreading

Despite heightened fears about cyberwarfare, March was a pretty slow month for new viruses and worms.

"Central Command saw no major changes in this month's Dirty Dozen," said Steven Sundermeier, product manager of Central Command, Inc. Klez-E and Yaha-E held onto the Nos. 1 and 2 positions with 21.6% and 10.8%, respectively.

Sophos' highest new entry for the month shows the popularity of the Kazaa peer-to-peer file sharing network, said Graham Cluley, senior technology consultant at the antivirus vendor.

"This month's highest new entry is Gibe, a worm which spreads via the Kazaa network. Businesses need to have a long hard think about whether these applications have a valid place on their networks," he said.

The Lirva or Avril worm also held on in March. It appears it may have a longer run than its namesake Canadian pop princess Avril Lavigne. Also, JS-NoClose, a JavaScript Trojan, also popped up on a couple of the lists. It tries to access other Web sites, which often contain ads or pornography, without the system user's permission.

Here are the top viruses and worms according to leading antivirus vendors:

Sophos' top 10 viruses and worms for March:
1. W32/Klez-H (Klez variant) 15.3%
2. W32/Sobig-A (Sobig worm) 5.2%
3. W32/Gibe-D (Gibe variant) 4.4%
4. W32/Avril-B (Avril variant) 3.2%
5. W32/Yaha-E (Yaha variant) 3.0%
6. W32/Avril-A

    Requires Free Membership to View

    Login

    SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.com today!

    Michael S. Mimoso, Editorial Director

    By submitting your registration information to SearchSecurity.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchSecurity.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

(Avril worm) 2.6%
7. W32/Yaha-K (Yaha variant) 2.4%
8. W32/Bugbear-A (Bugbear worm) 2.2%
9. JS/NoClose (NoClose Trojan 2.0%
9. W32/Lovgate-B (Lovgate variant) 2.0%
Others 57.7%

Central Command's Dirty Dozen for March:
1. Worm/Klez.E (includes G) 21.6%
2. W32/Yaha.E 10.8%
3. Worm/Yaha.M 8.9%
4. Worm/Avril.B 6.4%
5. Worm/Sobig.A 6.3%
6. Worm/Avril.A 5.8%
7. Worm/BugBear 4.6%
8. W32/Funlove 2.3%
9. Worm/Yaha.L 2.0%
10. Worm/Sircam 1.7%
11. W32/Nimda 1.4%
12. Worm/Badtrans.B 1.1%
Others 27.1%

Trend Micro's list of the top 10 viruses for March:
1. PE FUNLOVE.4099
2. WORM KLEZ.H
3.JS NOCLOSE.E
4. PE ELKERN.D
5. PE NIMDA.A-O
6. PE PARITE.A
7. BKDR GLITCH.B
8. WORM YAHA.G
9. PE NIMDA.E
10. WORM YAHA.K


FOR MORE INFORMATION:

SearchSecurity.com news exclusive: "Deloder worm preys on poor passwords"

SearchSecurity.com news exclusive: "New Code Red variant packs little punch"

Best Web Links on malicious code

InfoSec Know IT All trivia: Virus protection