The Palyh (Sobig.B) Internet worm, which spread in an e-mail masquerading as a message from Microsoft support, accounted for nearly a quarter of the virus infections reported during May, says international anti-virus company Central Command.
"The worm was discovered on 18 May," says Steven Sundermeier, Central Command product manager. "In its short period of existence, Worm/Palyh infected thousands of users worldwide, outpacing Worm/Klez.E as the number one confirmed virus for May 2003."
According to Central Command`s "Dirty Dozen" list, which tracks the 12 most prevalent viruses each month, Worm/Palyh (Sobig.B) was responsible for 22.4% of all reported infections, followed by Worm/Klez.E (including G) at 19.7%, Worm/Sobig.A at 8.3% and Worm/Fizzu.A at 6%. Each of the other top 12 viruses accounted for less than 4% of infections reported.
Worm/Fizzu.A, which made its debut in the Dirty Dozen at number four, is an Internet worm that proliferates through e-mail and over various file-sharing programs. "We are seeing more and more viruses coded to spread over peer-to-peer (P2P) applications like Kazaa. Nine out of ten times the P2P worm will copy itself under enticing filenames like password-cracked software programs, downloaded movies or games, or are pornographic themed-based. The bottom line is that programs like Kazaa are opening gaping security holes within a corporate infrastructure," says Sundermeier.
Central Command also reports that there is a marked increase in infections with Worm/Sobig.C. "We have reports of this virus infecting computers in over 24 different countries and expect the virus infection reports to rise as employees return to the office this week.
"Since Worm/Sobig.B was written to self-terminate its mass mailing routine on 31 May, it appears Worm/Sobig.C picks up right where Worm/Sobig.B left off," says Sundermeier.
Worm/Sobig.A and Worm/Sobig.B accounted for over 30% of all confirmed infection reports for May.
Share
