Email Worm of 2004 Made a Comeback in November
Security provider Sophos reported that it has found the old W-32/Traxg worm in one-fourth of all e-mails it monitored during November 2007. The first time the worm appeared was in October 2004.
Graham Cluley, Senior Security Consultant, Sophos, said that the spread of W-32/Traxg as the second most dangerous malware in November 2007 was completely unexpected. Also, the slipping of unsophisticated worms through the Internet in large amounts clearly indicates how most users and possibly companies fail to deploy even the basic anti-virus security solutions, Cluley commented. ZDNet.co.uk published this in news on December 5, 2007.
Number one among the e-mail-based malware in October 2007, Pushdo, once again occupied the top spot in the November 2007 chart as well. The worm spread through obnoxious spam mails that lured users with video files of naked Britney that could apparently be obtained on clicking an attachment.
But in reality, the link contains Troj/Pushdo-Gen, a Trojan program that attacks Microsoft Windows. Whenever a variant of Troj/Pushdo-Gen installs on the system, it plants and executes another file, generally detected as Mal/Basine-C or Troj/Pushu-Gen.
SophosLabs' Director Mark Harris wrote in the blog of SophosLabs that an unending stream of malware and spam offering photos of the pop star in revealing dresses seemed to flow. Also, the same theme being used repeatedly suggests that people still fall for the trick, Harris analyzed in his statement that Webuser published on November 26, 2007.
During November 2007, about 0.1% of e-mails that were sent out carried malicious attachments. That counted to one per 1,000 messages, Sophos noted.
The security vendor also estimates that 55% of all e-mails dispersing viruses originated in China compared to 20% in the United States and 11% in Russia. The figure for Russia is rather surprising as the Russian Business Network carries out a high amount of criminal activity on the Internet.
According to Sophos, the number of websites being recently infected dropped to 7,500 a day in November 2007 compared to a high of 30,000 a day in July 2007. The statistics, however, do not indicate if the criminals now are less active.
Related article: Email Security – A Big Challenge to Companies & Individuals
» SPAMfighter News - 17-12-2007