November was the worst month for malware, with 1,940 new threats
discovered in that month alone.
On average, Sophos says that one in every 44 emails attempted to
spread a virus during 2005. This rose to one in 12 during major
outbreaks.
Top of the virus chart is the mass-mailing Zafi-D worm, which
accounted for 16.7% of reports. Second on the list is the
mass-mailing Netsky-P worm (15.7%), followed by the Sober-Z worm,
which, although only released in November, managed to account for
6% of all reports.
"Don't let the figures fool you – old-timers may head up the top
ten, but the enormous rise in the number of new threats shows that
2005 has been anything but quiet on the malware front," said Graham
Cluley, senior technology consultant at Sophos.
"This huge increase stems from the escalating interest in
authoring Trojans, worms and viruses shown by criminal gangs intent
on making a profit. By focusing their efforts on a smaller number
of victims, cybercriminals can target them with bespoke malware,
increasing their chances of slipping under the security net," he
warned.
While all of the top ten threats are Windows-based worms, the
number of Trojan horses written during 2005 outweighs worms by
almost 2:1, says Sophos.
In addition, the percentage of malware that includes spyware
components rose from 54.2% in January to 66.4% by the end of the
year. According to the report, these figures reinforce the notion
that malware authors are engaging in targeted attacks, rather than
widespread bombardment, and also help explain a rise in the amount
of spam spewed out by zombie computers - now accounting for over
60% of the world's spam.
"Unlike viruses or worms, Trojans cannot replicate on their own,
meaning that they must be deliberately emailed or planted on
websites in order to spread. It's more and more common for new
Trojans to become widespread after being spammed en masse from
zombie computers," explained Cluley. "It's no surprise that most of
the top ten threats allow hackers to gain access to an infected PC,
enabling them to create a zombie, steal information, and dish out
their malware from under the nose of unsuspecting users."
The Sophos report reveals that unprotected computers have a 40%
chance of being infected by an internet worm within ten minutes,
turning them into a zombie under a remote hacker's control.
