Sophos' Top 10 Threats for September

Sophos announces top ten Web and email-borne malicious threats for September 2007

Dark Reading Staff, Dark Reading

October 1, 2007

2 Min Read

BOSTON -- IT security and control firm Sophos has revealed the most prevalent malware threats causing problems for computer users around the world during September 2007.

The figures, compiled by Sophos's global network of monitoring stations, have shown a rise in the percentage of infected email. Overall in September, 0.12 percent of emails were carrying malicious email attachments, or 1 in every 833, compared to 1 in every 1000 during August. This is primarily due to a coordinated campaign by hackers to spam out the Pushdo Trojan horse en masse during the second half of September. The emails, which pose as naked pictures of Hollywood actresses such as Angelina Jolie and "Holly Berry" [sic], carry a malicious payload designed to give criminal hackers control over infected PCs. During a single 24-hour period in the last week of September, Sophos reports that the Pushdo Trojan accounted for almost 4 in every 5 infected emails.

The top ten list of email-based malware threats in September 2007 reads as follows:

  1. W32/Netsky 29.9%

  2. Troj/Pushdo 27.4%

  3. W32/Mytob 9.2%

  4. W32/Zafi 8.3%

  5. Mal/Iframe 6.0%

  6. Mal/Behav 4.6%

  7. W32/MyDoom 4.1%

  8. Mal/Basine 2.5%

  9. W32/Bagle 1.4%

  10. W32/Traxg 1.2%

Other 5.4%

"Using a variety of tempting disguises, versions of the Pushdo Trojan have been spammed out every Wednesday since March, but lately the hackers have stepped up a gear and sent it to innocent computer users at any time on any day of the week," said Graham Cluley, senior technology consultant at Sophos. "Hackers have been trapping users with pictures of celebrities for years - but it's still a social engineering trick that works. What is clear is that hackers have not turned their backs on using email as a vector for attack. Companies and individuals alike must protect their gateways and inboxes with a secure defense, and think before they open unsolicited emails."

Sophos plc

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights