1 March 2007
Malware adopts disguises in attempt to dupe IT defenses
Sophos announces top ten threats and hoaxes reported in February 2007
Sophos, a world leader in IT security and control, has revealed the most prevalent malware threats and email hoaxes causing problems for computer users around the world during February 2007.
The figures, compiled by Sophos's global network of monitoring stations, show that the HckPk family has had the greatest impact on computer users this month, accounting for more than half of malware seen during February.
Hackers are increasingly using encryption and packer tools - such as those belonging to the HckPk family - to camouflage their malicious code. January's hardest-hitting worm, Dorf, plus the prevalent Dref mass-mailing worms are just two examples of the malware currently being hidden within HckPk programs. Sophos has also found that cybercriminals are constantly modifying their HckPk disguises in an attempt to bypass IT defences.
The top ten list of malware threats in February 2007 reads as follows:
"HckPk is a bit like Mr Potato Head - it uses disguises to bamboozle anti-virus protection into thinking the attachment is safe when, in reality, malicious code lies within," said Carole Theriault, senior security consultant at Sophos. "Today's most widespread threats, such as Dref and Dorf, use HckPk, so by blocking it, we zap the nasty threats lurking inside. Users need to check that their anti-virus protection can proactively detect against previously unseen malware, otherwise they could be next in a long line of victims."
Sophos's proactive Behavioral Genotype® Protection technology identifies and blocks malicious programs before they are executed, ensuring that HckPk variants and other suspicious programs are stopped before they infiltrate corporate networks.
In February, Sophos found that 0.39% of emails were infected (one in 256). It identified 7,757 new threats during the month, bringing the total number of malware protected against to 222,713.
Graphics of the above top ten malware chart are available.
The Sophos Security Threat Report 2007, which discusses 2006's most prevalent
families of malware and malware hosting countries in more detail, can be
downloaded from the Sophos website:
About Sophos
Sophos enables enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, Sophos protects over 100 million users in nearly 150 countries with its reliably engineered security
solutions and services. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com
See also:
Security news
Security news
