1. | W32/Bugbear-A | (Bugbear worm) | 77.6% NEW ENTRY |
2. | W32/Klez-H | (Klez variant) | 6.2% |
3. | W32/Opaserv-A | (Opaserv worm) | 2.5% NEW ENTRY |
4. | W32/Yaha-E | (Yaha variant) | 1.1% |
5. | W32/Badtrans-B | (Badtrans variant) | 0.8% |
6. | W32/Nimda-D | (Nimda variant) | 0.7% |
7. | W32/Opaserv-C | (Opaserv variant) | 0.7% NEW ENTRY |
8. | W32/Opaserv-D | (Opaserv variant) | 0.7% NEW ENTRY |
9. | W32/Elkern-C | (Elkern variant) | 0.6% |
10. | W32/Opaserv-B | (Opaserv variant) | 0.5% NEW ENTRY |
Others: | 8.6% |
"After seven months at the top, Klez-H has finally been knocked off its perch by the Bugbear worm," said Charles Cousins, managing director, Sophos Anti-Virus Asia. "Bugbear is a box of tricks that not only spreads via email and network shares but can also log the victim's keystrokes -allowing hackers to monitor everything a user types from passwords to bank account details."
Sophos has developed a standalone disinfection tool accessible to the entire net community (not just Sophos customers) to decontaminate PCs infected with the new Bugbear worm.
"This free clean-up tool makes it easy for anyone to disinfect their computer. Along with updating anti-virus software, home users should be vigilant about applying patches against OS vulnerabilities. Microsoft issued a patch against this flaw in 2001, it seems as if businesses have heeded this advice, but individuals have been less security conscious," added Cousins.
Sophos detected 824 new viruses, worms and Trojan horses in October, the total number it now protects against is 77,564.
The top ten hoaxes reported to Sophos during October 2002 are as follows:
1. | JDBGMGR | 35.7% |
2. | Budweiser frogs screensaver | 6.5% |
3. | Meninas da Playboy | 4.4% |
4. | Hotmail hoax | 4.4% |
5. | A virtual card for you | 3.3% |
6. | Bill Gates fortune | 3.3% |
7. | Frog in a blender/Fish in a bowl | 2.7% |
8. | WTC Survivor | 2.6% |
9. | JS/Exploit | 1.7% |
10. | Applebees Gift Certificate | 1.6% |
Others: | 33.8% |
To lessen the impact of these bogus viruses warnings, Sophos advises all businesses to implement an anti-hoax policy. This should specify that all virus warnings, whatever their source, are centrally coordinated by one member of staff who is responsible for confirming whether they are real or fake.