Malware Attacks Drop Off in February

Share it on Twitter  
Share it on Facebook  
Share it on Google+
Share it on Linked in  
After January set records for malware output, the malware volume dropped by 26 percent last month, despite a reported surge in Trojan horse attacks.

''Attacks were down by a lot -- 26.4 percent -- in February,'' says Steve Sundermeier, a vice president for Medina, Ohio-based Central Command, an anti-virus and anti-spam company. ''I think a lot of it has to do with the fact that in January we got the initial seeding for the Kama Sutra worm, which came out on Jan. 18. And we also had the very prolific Sober worm, which disabled itself after the fifth of January. Before that there were just mass quantities of it.''

Both Sundermeier and Ron O'Brien, senior security analyst with Sophos, Inc., an anti-virus and anti-spam company with U.S. headquarters in Lynnfield, Mass, say February gave the anti-virus community and IT and security managers a break after the assaults that pummeled networks in January.

''February returned us to levels we'd seen earlier in 2005,'' says O'Brien. ''You've got to look at this in the total context. January was the highest month ever and February has calmed back down.''

Sophos analysts detected 2,312 new pieces of malware in January, setting a record for the highest volume of malware in one month. Before that, this past November was the record holder but that title easily fell when the new year kicked in, says O'Brien.

February, by contrast, had 1,132 new pieces of malware -- which includes worms, viruses and Trojans -- pop up.

''It was a noticeable difference,'' says Sundermeier. But he also was quick to add that just because February's numbers were down from the month before, they were still quite high compared to the same month just a year before. Central Command's records show that this past month had 39 percent more new malware hit the Wild than February of 2005. ''This past month may have been down, but obviously virus writing and volume is on the increase.''

Part of that increase, according to O'Brien, can be linked back to a flurry of new Trojans that were unleashed last month. In fact, he says Trojans accounted for two-thirds of the new malware that came out last month.

O'Brien pointed to the Clagger-G Trojan as an example of the type of financially motivated malware that has been plaguing users.

The author of Clagger-G, according to O'Brien, used a combination of malware and spam technology to spread the Trojan. The Trojan grabbed the eighth spot in Sophos' Top 10 Virus report for February. For the Trojan, which cannot spread on its own, to gain that much traction around the globe, it must have been spammed out to millions and millions of email addresses worldwide, he said. To make that feasible, the virus writer must have taken advantage of giant botnets, he adds.

Sophos lists the top five viruses for February as: Netsky-P accounting for 13.9 percent of all malware on the Internet; Nyxem-D with 9.3 percent; Bagle-Zip with 8.8 percent; Zafi-B with 8.4 percent, and Mytob-FO with 6 percent.

Central Command's list of top five viruses includes: Nyxem accounts for 41.87 percent of malware in the Wild; Netsky-Q with 7.88 percent; Mytob-NO with 4.73 percent; Mytob-NX with 4.33 percent, and Bagle-GJ with 3.10 percent.


Loading Comments...