August Stats From Kaspersky

01 Sep 03:39

According to Kaspersky Lab the anti-virus industry was spared a virus epidemic in August but was struck by several major phishing attacks. In previous years, August has proved a fertile month for major viruses, with Welchia, Sasser and Mytob outbreaks occurring in August 2003, 2004 and 2005 respectively.

Despite new vulnerabilities being detected in Windows vulnerabilities that were similar to those that provided the breeding ground for Welchia, Sasser and Mytob Microsoft managed to ensure that information about the vulnerability did not enter the public domain before a patch was available. The exploit which then appeared for this vulnerability only ran on a limited number of versions of Windows and did not attract the attention of virus writers. Consequently, the epidemic anticipated by some in August did not take place.

However, phishing emails were rife in August the largest of which was the spamming of Bankfraud.od in western Europe. Kaspersky Lab first encountered this phishing message, which targets customers of the German Volksbank, in March this year. In July/August, the authors modified the email and conducted a repeat attack. Hence, Bankfraud.od rose to twelfth place in the rankings, and is the first phishing attack to make it into the Top Twenty in the past few months.

As for the rest of the Top Twenty, its worth noting that Scano, the polymorphic script worm, disappeared from the rankings, and another similar malicious program (Feebs) did not make it into the Top Twenty at all.

LovGate.ad has dropped out of the ratings. This might mean that this family has been squeezed out by other worms. Out of the three LovGate representatives previously found in the Top Twenty, only LovGate.w remains. However, in August the worm once again demonstrated its resilience, with LovGate.ae returning to the rankings.

The significant percentage (14.7 per cent) of other malicious programs intercepted in mail traffic indicates that a number of other worm and Trojan families are still in active circulation.

The Kasperksy Lab top 20 are:

  1. Net-Worm.Win32.Mytob.c 26.4 per cent
  2. Email-Worm.Win32.Nyxem.e 14.4 per cent
  3. Email-Worm.Win32.NetSky.b 8.1 per cent
  4. Email-Worm.Win32.LovGate.w 6.4 per cent
  5. Net-Worm.Win32.Mytob.u 3.3 per cent (+2)
  6. Net-Worm.Win32.Mytob.q 3.0 per cent (-1)
  7. Net-Worm.Win32.Mytob.w 2.9 per cent (+2)
  8. Email-Worm.Win32.NetSky.y 2.7 per cent (-2)
  9. Net-Worm.Win32.Mytob.t 2.6 per cent (+4)
  10. Net-Worm.Win32.Mytob.cg 2.0 per cent (+4)
  11. Net-Worm.Win32.Mytob.a 2.0 per cent (+1)
  12. Trojan-Spy.HTML.Bankfraud.od 1.9 per cent (new)
  13. Email-Worm.Win32.NetSky.x 1.7 per cent (-2)
  14. Email-Worm.Win32.NetSky.af 1.3 per cent (+2)
  15. Net-Worm.Win32.Mytob.r 1.3 per cent (-5)
  16. Email-Worm.Win32.NetSky.t 1.1 per cent (return)
  17. Net-Worm.Win32.Mytob.h 1.1 per cent (return)
  18. Net-Worm.Win32.Mytob.x 1.0 per cent (-3)
  19. Email-Worm.Win32.LovGate.ae 1.0 per cent (return)
  20. Net-Worm.Win32.Mytob.j 1.0 per cent (return)

Other malicious programs 14.7 per cent.

Related links: (Open in a new window.)
www.kaspersky.co.uk/news
www.kasperskylab.co.uk

Taken from Information Security Bulletin.