Was September the end of the virus calm?

By Edward Hurley, News Writer 08 Oct 2002 | SearchSecurity.com

Digg This!     StumbleUpon     Del.icio.us

September may be the calm month before the storm for worm activity.

It was slow going until the final day when the Bugbear worm arrived. Bugbear will likely be one of the biggest in October, and perhaps for the year.

RECENT VIRUS COVERAGE: Featured Topic: Virus alert - Bugbear SearchSecurity news exclusive: "Savvy Bugbear now spreading faster than Klez" SearchSecurity news exclusive: "Slapper variants pose minor threat" Feedback on this story? Send your comments to News Writer Edward Hurley

The Klez worm was still the top piece of malicious code in September, easily beating newer threats. The Slapper worm that appeared mid-month was dwarfed by the Frethem and Yaha worms and old stalwarts like Nimda and Badtrans. Slapper exploited a vulnerability in OpenSSL running on Linux Apache Web servers.

Nimda has slowed down to 1,076 hits per hour during the third quarter, compared to more than 3,500 per hour in the first quarter. Hybrid threats, malicious code that can spread multiple ways, increased 29.46% during the same time period, according to Atlanta-based Internet Security Systems' quarterly list of Internet risks.

During that same time period, new vulnerabilities grew at 8.57%, said the report, which was released last week.

ISS also observed a 65% increase in vulnerabilities from the third quarter of 2002 compared to that period in 2001. Third quarter last year had 383 vulnerabilities while the same period this year had 583 reported vulnerabilities.

The company also found there were 16,342,620 security events during the third quarter. There were 21,982,672 in the second quarter. Actual security "incidents," however, were about the same with 1,482 in the second quarter and 1,385 during the last quarter. A security incident is defined as an actual attack or a security event with an unusual level of risk.

Incidentally, ISS found most the biggest day for security incidents was Tuesday. Here are how the other days of the week stacked up.

• Sunday: 118,048
• Monday: 182,567
• Tuesday: 297,379
• Wednesday: 232,505
• Thursday: 191,618
• Friday: 280,364
• Saturday: 135,708

Here are the listing of topic viruses and worms for September as compiled by some antivirus software vendors:

The top 20 viruses for September as compiled by Kaspersky Labs.
1. I-Worm.Klez 72.93%
2. I-Worm.Lentin 23.62%
3. Win95.CIH 0.27%
4. Trojan.Win32.Filecoder 0.17%
5. Macro.Word97.Thus 0.13%
6. I-Worm.Sircam 0.13%
7. I-Worm.Magistr 0.11%
8. Macro.Word97.Flop 0.04%
9. I-Worm.Cervivec 0.04%
10. I-Worm.Hybris 0.03%
11. Backdoor.Death 0.03%
12. Macro.Word97.Ethan 0.03%
13. Win32.FunLove 0.02%
14. Macro.Win97.Marker 0.02%
15. Macro.Word97.TheSecond 0.02%
16. Trojan.PSW.M2 0.01%
17. Backdoor.Antilam 0.01%
18. Worm.Linux.Slapper 0.01%
19. Palm.Phage 0.01%
20. Nuker.Win32.Nabber 0.01%

The following is Command Central's Dirty Dozen of worms and viruses for the month.
1. Worm/Klez.E (incl. G variant) 29.3%
2. Worm/Yaha.E 16.8%
3. W32/Elkern.C 10.8%
4. Worm/W32.Sircam 10.4%
5. W32/Nimda 4.7%
6. W32/Magistr.B 4.4%
7. W95/Hybris 3.0%
8. Worm/Badtrans.B 2.3%
9. W32/Funlove 1.8%
10. W32/Magistr.A 1.0%
11. Worm/Tanatos 0.5%
12. VBS/Redlof.A 0.5%
Others 14.5%

Digg This!     StumbleUpon     Del.icio.us

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary