| |||
|
|
||
|
|||
| |
|
Home > Security News > Klez's staying power still a concern |
| |
|
|
|
|
| Security News: |
|
||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|
||||||||||||||
LovGate, the only major new virus of February, barely cracked the antivirus companies' lists of the most prevalent viruses and worms for the month. What that says is old threats such as Klez and Yaha should still be taken seriously. Once again, the Klez worm has captured the top spot in many antivirus companies' lists. Klez has been successful for a variety of reasons. It exploits a MIME and an IFRAME vulnerability in some versions of Microsoft Outlook, Microsoft Outlook Express and Internet Explorer that allows the worm to execute without the infected attachment being opened. Klez also spoofs e-mail addresses in an attempt to trick users into opening the worm, thinking it came from a known party. It also plucked potential target addresses from everything from Excel documents to cached Web pages. LovGate showed up only in Sophos' list, and at No. 9, beyond old stalwarts such as Bugbear and Klez. The worm employs a unique twist of social engineering to entice mail recipients to open infected messages. It can also spread via network file shares and opens a system back door so attackers can gain control of infected computers. "The new Lovgate worm may have been the most talked about virus in February, but it certainly wasn't the most prolific," said Chris Wraight, technology consultant at Sophos, Inc, noting Klez has had much more traction. "In its various guises, Klez has now been hanging around the chart for 13 months, making it the most persistent worm ever. People infected by Klez couldn't have updated their virus protection in quite some time. " The Lirva worm, which was discovered in January, was also decently strong in February despite its namesake, Canadian pop princess Avril Lavigne, getting shutout at the Grammy awards last month. Two variants of the worm showed up on the various lists. Command Central's most prevalent viruses for the month 1. Worm/Klez.E 34.3% 2. W32/Yaha.E 14.1% 3. Worm/Yaha.M2 10.6% 4. Worm/Avril.A 8.3% 5. Worm/Sobig.A 6.5% 6. Worm/Bugbear 3.2% 7. Worm/Avril.B 3.1% 8. W32/Nimda 1.6% 9. W32/Funlove 1.2% 10. Worm/Sircam.C 0.9% 11. W32/Elkern.C 0.7% 12. Worm/Badtrans.B 0.7% Others 14.8% Kaspersky Labs' Virus Top 20 for February 1. I-Worm.Klez 29.67% 2. I-Worm.Sobig 8.81% 3. I-Worm.Lentin 7.04% 4. Macro.Word97.Thus 3.12% 5. I-Worm.Avron 3.00% 6. I-Worm.Roron 2.87% 7. I-Worm.Hybris 2.49% 8. I-Worm.Tanatos 1.30% 9. Macro.Word97.Flop 0.98% 10. Macro.Word97.Saver 0.78% 11. Win95.CIH 0.71% 12. Worm.Win32.Opasoft 0.69% 13. Win95.Spaces 0.76% 14. Backdoor.Mosuck 0.58% 15. Backdoor.Antilam 0.57% 16. VBS.Redlof 0.53% 17. I-Worm.Stator 0.53% 18. Macro.Word97.Melissa 0.52% 19. Backdoor.Optix.Pro 0.51% 20. Macro.Word97.VMPC 0.50% Other malicious programs 34.18% Sophos' top 10 most prevalent viruses and worms 1. W32/Klez-H 13.7% 2. W32/Sobig-A 7.7% 3. W32/Avril-B 6.0% 4. W32/Yaha-E 4.6% 5. W32/Bugbear-A 4.3% 6. W32/Avril-A 3.1% 7. W32/Klez-E 2.4% 7. W32/Yaha-K 2.4% 9. W32/Lovgate-B 2.1% 9. W95/Spaces 2.1% Others 51.6% FOR MORE INFORMATION: LovGate worm opens backdoor, hits network shares Past Virus Roundups January December November October September August July June May April
|
|
|
|
||||||||||||
| |||||||||||||||
|
|
|
|||||||||||||||||||||||||
|
|||||||||||||||||||||||||||
| |||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||
