contents

software
 
Top Ten Cybercrime, Viruses and Spyware

Panda Software presents the ranking of the viruses and spyware most frequently detected by the Panda ActiveScan online security solution in 2005.

In first place for the top malware ranking is Sdbot.ftp, which has held this ranking for the last six months. This generic detection of the variants of the Sdbot worm, downloaded via FTP, was responsible for 3.7 percent of infections.

In second place comes the tenacious veteran Netsky.P. Since this worm first appeared in 2004, it has stubbornly refused to leave the monthly list of most frequently detected viruses. Ironically, this worm exploits a vulnerability in Internet Explorer which was detected and resolved some years ago.

Third place is held by QHost.gen, a Trojan that prevents access to several web pages that are mainly related to IT security. Then comes Gaobot.gen, a generic detection for worms from the Gaobot family that exploit several software vulnerabilities.

The Trojans - Citifraud.A, designed to defraud users through a phishing attack, and Zapchast.D - hold the fifth and sixth places in the ranking. Then come three more veterans: Parite.B, Netsky.D and Sasser.ftp - the latter being a generic detection for the script created by worms from this extensive family in order to download themselves via FTP. Finally, the Trojan, Psyme.C, completes the list.

Malware
W32/Sdbot.ftp
W32/Netsky.P.worm
Trj/Qhost.gen
W32/Gaobot.gen.worm
Trj/Citifraud.A
Trj/Zapchast.D
W32/Parite.B
W32/Netsky.D.worm
W32/Sasser.ftp
VBS/Psyme.C

The following conclusions can be drawn from the Top Ten ranking of viruses most frequently detected by Panda ActiveScan in 2005:

- Balance between Trojans and worms. Whereas in previous years computer worms were more prominent in the ranking of frequently detected viruses, 2005 has witnessed a more even balance. This tendency has also been seen from month to month.

- Botnets and financial fraud as growing threats. With Sdbot (a typical example of a bot) in first place and the presence of malicious code such as Citifraud.A, designed to carry out phishing attacks, in the ranking, it is clear that there has been a change of motivation for the creators of malicious code - they now seek financial returns above all else.

- Poorly protected computers, a persistent threat. The continued presence of veteran malicious code such as Parite.B and Sasser, or those like Netsky.P, that exploit software vulnerabilities (which have long ago been resolved) reveals just how many computers are still poorly protected. This creates a favorable environment for virus creators to spread new malicious code.

With respect to spyware, the most frequently detected in 2005 are New.net, Cydoor, Betterlnet and Altnet.

Spyware
New.net
Cydoor
BetterInet
Altnet
Petro-Line
MarketScore
Virtumonde
Media-motor
Aveo-Attune
Aureate-Radiate

To help as many users as possible scan and disinfect their systems, Panda Software offers its free, online anti-malware solution, Panda ActiveScan, at:
http://www.pandasoftware.com/activescan
and SpyXposer, the free spyware detection tool, also available online at:
http://www.pandasoftware.com/products/spyxposer/com/spyxposer_principal.htm.
Webmasters who would like to include ActiveScan on their websites can get the HTML code free fromhttp://www.pandasoftware.com/partners/webmasters.



write your comments about the article :: 2005 Computing News :: home page