Top Ten Viruses and Hoaxes 2002
4th September 2002 (NISER)

This is the latest in a series of monthly charts counting down the ten most frequently occurring viruses and hoaxes as compiled by Sophos.

For August 2002, the virus chart is as follows, with the most frequently occurring virus at number one:

"Only two viruses in August's top ten are brand new entries. Instead, the chart is full of old stalwarts such as Klez-H, Badtrans-B, Sircam and Nimda," said Charles Cousins, Managing Director at Sophos Anti-Virus Asia. "Klez-H and its nasty bedfellow ElKern-C, have accounted for almost a quarter of enquiries to Sophos's support centre this month, even though protection has been available since February. Users getting caught out by them appear not to have updated their anti-virus software in six months. With hundreds of new viruses appearing each month, this lax approach is just asking for a security breach."

More information on how Klez-H and ElKern-C work in tandem in an attempt to infect computer networks can be found at: http://www.sophos.com/virusinfo/analyses/w32klezh.html

Meanwhile, Sophos has also detected another virus called Duload worm (W32/Duload-A), which has the potential to infect PCs connected to the KaZaA file sharing network. Cousins said that it may be a damp squib when it comes to infecting users, but it certainly provides an interesting insight into the topics that may occupy many virus writers' minds.

The Duload worm randomly creates disguises for itself using a pool of 39 filenames. These filenames  - which reflect a preoccupation with sex, celebrity, computer games and hackin include 'J. Lo Bikini Screensaver.exe', 'Kama Sutra Tetris.exe', 'Free Mpegs.exe' and 'The Sims Game crack.exe', as well as some pornographic references.

Although Sophos has not received reports of the Duload worm from the wild, Sophos reminds all computer users to keep their anti-virus protection up-to-date and practise safe computing.

The top ten hoaxes reported to Sophos during August 2002 are as follows: