Article

Old standbys Klez, Yaha still spreading

Edward Hurley, News Writer

Despite heightened fears about cyberwarfare, March was a pretty slow month for new viruses and worms.

"Central Command saw no major changes in this month's Dirty Dozen," said Steven Sundermeier, product manager of Central Command, Inc. Klez-E and Yaha-E held onto the Nos. 1 and 2 positions with 21.6% and 10.8%, respectively.

Sophos' highest new entry for the month shows the popularity of the Kazaa peer-to-peer file sharing network, said Graham Cluley, senior technology consultant at the antivirus vendor.

"This month's highest new entry is Gibe, a worm which spreads via the Kazaa network. Businesses need to have a long hard think about whether these applications have a valid place on their networks," he said.

The Lirva or Avril worm also held on in March. It appears it may have a longer run than its namesake Canadian pop princess Avril Lavigne. Also, JS-NoClose, a JavaScript Trojan, also popped up on a couple of the lists. It tries to access other Web sites, which often contain ads or pornography, without the system user's permission.

Here are the top viruses and worms according to leading antivirus vendors:

Sophos' top 10 viruses and worms for March:
1. W32/Klez-H (Klez variant) 15.3%
2. W32/Sobig-A (Sobig worm) 5.2%
3. W32/Gibe-D (Gibe variant) 4.4%
4. W32/Avril-B (Avril variant) 3.2%
5. W32/Yaha-E (Yaha variant) 3.0%
6. W32/Avril-A

    Requires Free Membership to View

(Avril worm) 2.6%
7. W32/Yaha-K (Yaha variant) 2.4%
8. W32/Bugbear-A (Bugbear worm) 2.2%
9. JS/NoClose (NoClose Trojan 2.0%
9. W32/Lovgate-B (Lovgate variant) 2.0%
Others 57.7%

Central Command's Dirty Dozen for March:
1. Worm/Klez.E (includes G) 21.6%
2. W32/Yaha.E 10.8%
3. Worm/Yaha.M 8.9%
4. Worm/Avril.B 6.4%
5. Worm/Sobig.A 6.3%
6. Worm/Avril.A 5.8%
7. Worm/BugBear 4.6%
8. W32/Funlove 2.3%
9. Worm/Yaha.L 2.0%
10. Worm/Sircam 1.7%
11. W32/Nimda 1.4%
12. Worm/Badtrans.B 1.1%
Others 27.1%

Trend Micro's list of the top 10 viruses for March:
1. PE FUNLOVE.4099
2. WORM KLEZ.H
3.JS NOCLOSE.E
4. PE ELKERN.D
5. PE NIMDA.A-O
6. PE PARITE.A
7. BKDR GLITCH.B
8. WORM YAHA.G
9. PE NIMDA.E
10. WORM YAHA.K


FOR MORE INFORMATION:

SearchSecurity.com news exclusive: "Deloder worm preys on poor passwords"

SearchSecurity.com news exclusive: "New Code Red variant packs little punch"

Best Web Links on malicious code

InfoSec Know IT All trivia: Virus protection


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: