New Bagle released but Netsky tops the malware charts
Published: 16 Jul 2004 16:05 BST
The 30th variant of mass mailing worm Bagle was discovered on Thursday, which makes it one of the most persistent worms ever discovered, but in terms of infection rates, archrival Netsky is ahead by a long way, according to Finnish antivirus firm F-Secure.
Sven Jaschan, who has admitted writing Netsky and Sasser, was arrested more than two months ago, and although the variants dried up shortly after he was taken into custody, his creations are still disrupting the lives of millions of Internet users.
In a scan of virus threats by F-Secure on Friday, the company found that variants of Netsky accounted for eight of the top 10 places and 71.2 percent of all infections. Zafi.b accounted for 12 percent while Bagle.z was only responsible for 3.3 percent of infections.
Natasha Staley, information security analyst at email security firm MessageLabs, said that although Netsky is far more widespread than the others, it is because there has been a lack of extremely dangerous worms -- such as MyDoom and Sobig.f -- to knock it off the top spot.
"The last major outbreak was from MyDoom in January. But when I say major, I mean 1.2 million copies of the worm in its first 24 hours. We haven't seen anything on that scale since," said Staley.
According to Messagelabs's statistics, the latest Bagle worm only managed a few thousand copies in its first day. Staley said this is not because Bagle is bad at replication, but because anti virus companies are familiar with the worm's source code and can spot it very easily.
"Bagle's code is pretty well known now so it isn't too difficult for software products to detect it," said Staley.
Worryingly, Staley said that because there hasn't been another MyDoom-type attack in more than six months, there is likely to be one in the near future -- and this will knock Netsky out of the top 10.
"Six months has passed and although you can't predict this scientifically, I wouldn't be surprised if there was another major outbreak fairly soon," said Staley.
Did you find this article useful?
36 out of 78 people found this useful
- Share this article:
