Advertisement
Promo

Security threats Toolkit

New Bagle released but Netsky tops the malware charts

Munir Kotadia ZDNet.co.uk

Published: 16 Jul 2004 16:05 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

The 30th variant of mass mailing worm Bagle was discovered on Thursday, which makes it one of the most persistent worms ever discovered, but in terms of infection rates, archrival Netsky is ahead by a long way, according to Finnish antivirus firm F-Secure.

Sven Jaschan, who has admitted writing Netsky and Sasser, was arrested more than two months ago, and although the variants dried up shortly after he was taken into custody, his creations are still disrupting the lives of millions of Internet users.

In a scan of virus threats by F-Secure on Friday, the company found that variants of Netsky accounted for eight of the top 10 places and 71.2 percent of all infections. Zafi.b accounted for 12 percent while Bagle.z was only responsible for 3.3 percent of infections.

Natasha Staley, information security analyst at email security firm MessageLabs, said that although Netsky is far more widespread than the others, it is because there has been a lack of extremely dangerous worms -- such as MyDoom and Sobig.f -- to knock it off the top spot.

"The last major outbreak was from MyDoom in January. But when I say major, I mean 1.2 million copies of the worm in its first 24 hours. We haven't seen anything on that scale since," said Staley.

According to Messagelabs's statistics, the latest Bagle worm only managed a few thousand copies in its first day. Staley said this is not because Bagle is bad at replication, but because anti virus companies are familiar with the worm's source code and can spot it very easily.

"Bagle's code is pretty well known now so it isn't too difficult for software products to detect it," said Staley.

Worryingly, Staley said that because there hasn't been another MyDoom-type attack in more than six months, there is likely to be one in the near future -- and this will knock Netsky out of the top 10.

"Six months has passed and although you can't predict this scientifically, I wouldn't be surprised if there was another major outbreak fairly soon," said Staley.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?
36 out of 78 people found this useful


In association with HP

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Security threats


Company/Topic Alerts

Create a new alert from the list below:










Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

Authentication risks all too human

Risks to successful online banking identification and authentication using smartcards involve a mixture of human and technological factors, according to the European Network and Information... More

1 comment

Opera censors Chinese content

Opera has updated the Chinese version of its mobile browser to stop users accessing restricted content. Opera Mini was updated on Friday from an international to a Chinese version,... More

2 comments

Symantec website breached

Security company Symantec has said that one of its websites was successfully breached. Romanian security researcher 'Unu' posted details of the breach in a blog post on Monday. Unu... More

Post a comment


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters