Massive virus attacks that clobber the Internet are giving way to pin-pointed assaults that quietly go after specific companies and agencies, according to some security analysts.

September's malware figures show that while the number of wide-spread, hard-hitting viruses, akin to Sasser or Slammer, are dwindling, the sheer volume of malware is up. Gregg Mastoras, a senior security analyst at Sophos, Inc., an anti-virus and anti-spam company with U.S. headquarters in Lynnfield, Mass., tells eSecurityPlanet that Sophos recorded 1,200 new viruses last month alone. That, he estimates, should bring the year-end total to the 15,000 range.

''We'll probably have more than last year,'' says Mastoras. ''But what's different is that we're not seeing as many wide-spread viruses -- ones that would get a lot of attention. That's because virus writers are changing the way they're attacking the networks. They're not interested in mass-mailer attacks. They're more interested in targeting attacks at institutions or organizations.''

The types of attacks that we're seeing is all wrapped up in the fact that virus writers are no longer in it just to make a name for themselves. They're in it for the money. And new motive means new means of aggression.

''They're looking for financial gain, so they don't want as many people to hear about the attacks so they can patch leaks and protect themselves,'' Mastoras explains. ''They want it so once someone hears that something is going on, it's too late.''

Forbot, Mastoras adds, is a good example of this type of malware.

The Forbot family of worms largely flew under most people's radar. It didn't get a lot of press or attention. Once the spyware has infected someone's computer, it begins acting as a keylogger. ''The damage they do is much more severe because they're stealing information and then someone is walking around with a credit card with your name on it because they got your information off a key logger,'' Mastoras says.

Despite how dangerous Forbot has been, it didn't make the Top Five list for either Sophos or Central Command, an anti-virus and anti-spam company that also does a monthly malware ranking. The two companies' rankings differ but share some common pieces of malware.

Sophos lists its Top Five, according to prevalence, as:

  • Netsky-P with 18.6 percent of all malware traveling the Internet;
  • Mytob-BE, 7.6 percent;
  • Mytob-AS, 6.8 percent;
  • Zafi-D, 4.3 percent, and
  • Netsky-D, 3.3 percent.

    Over at Central Command, which is based in Medina, Ohio, their analysts rank the Top Five most prevalent malware as:

  • Mytob-FC, 21.89 percent;
  • Netsky-Q, 9.36 percent;
  • iFrame-B, 6.39 percent;
  • Mytob-IU, 6.28 percent, and
  • Mytob-DU, 4.10 percent.

    Steve Sundermeier, a vice president at Central Command, says September was only noteworthy because of the flurry of Bagel and Mytob variants that hit the Internet. ''Nothing was significantly high impacting, but they were coming out one after another, making us work long hours,'' says Sundermeier. ''They're more of a nuisance. But when you see a number like 21.89 percent [for Mytob-FC], obviously that one had some significant impact.''