Sophos

Talk to our experts

Find your local press contact

Resources

Info feeds

What are info feeds?

4 January 2008

IFrame worm finishes year top of the virus chart, reveals Sophos report Just 30 percent of computer users think 2008 will be a better year for security

IT security and control firm Sophos has revealed the most prevalent malware threats and countries causing problems for computer users around the world during December 2007.

While the study, compiled by Sophos's global network of monitoring stations, has shown only minor changes since November, a Sophos poll has revealed that 70 percent of those surveyed believe that 2008 will actually be just as bad or worse for IT security than 2007.

Top ten web threats

The top ten list of web-based malware threats in December 2007 reads as follows:

Position Last
month		 Malware Percentage of reports
11Mal/IFrame
   50.8%
22Mal/ObfJS
   19.2%
3NewTroj/DRClick
   14.6%
43Troj/Unif
   3.0%
54Troj/Decdec
   2.4%
65Troj/Fujif
   1.6%
7Re-entryTroj/Pintadd
   0.9%
8Re-entryTroj/Zlobar
   0.8%
910Mal/FunDF
   0.6%
10Re-entryVBS/Haptime
   0.5%
Others5.6%

Mal/Iframe, which works by injecting malicious code into webpages, retains its position as leader of the chart, despite not having the same impact as the previous month when it accounted for almost 70 percent of web-based attacks. Mal/ObfJS, a method by which hackers use obfuscated JavaScript to infect web surfers, has successfully held onto second place.

"Although December saw Mal/Iframe's dominance at the top of the chart begin to wane, computer users must not get complacent - it still accounted for more than half of all web-based attacks seen last month," said Graham Cluley, senior technology consultant at Sophos. "Yet, despite the pessimistic figures and the fact that less than a third of people believe there will be any improvement in the situation in 2008, it is possible to combat the cybercriminals with an effective IT security solution. Hopefully the public's negative viewpoint will spur both businesses and consumers on to recognise the seriousness of these threats and make sure their networks and data are fully protected from existing malware, as well as emerging attacks."

Top malware-hosting countries

The top ten list of countries hosting malware-infected webpages in December 2007 reads as follows:

Position Last
month		 Country Percentage of reports
11China (incl HK)
   40.9%
22United States
   33.9%
33Russian Federation
   6.8%
45Germany
   3.8%
54Ukraine
   2.2%
66Turkey
   1.4%
78=United Kingdom
   1.2%
88=Poland
   0.8%
9Re-entryNetherlands
   0.7%
10Re-entryItaly
   0.6%
Others7.7%

China, a country notoriously plagued by Mal/Iframe in previous months, continues to host the most infected webpages. However China is not the only culprit as the United States and Russia have risen in the charts, with America storming from 19 percent in November to serving up over a third of the world's malicious webpages in December.

This month also saw Canada and France drop out of the top ten, to be replaced by the Netherlands and Italy.

Top ten email threats

The top ten list of email-based malware threats in December 2007 reads as follows:

Position Last
month		 Malware Percentage of reports
11Troj/Pushdo
   35.8%
23W32/Netsky
   28.1%
36W32/Mytob
   6.9%
49W32/Strati
   5.3%
54Mal/Dropper
   5.2%
65W32/Zafi
   4.9%
78W32/MyDoom
   3.5%
8Re-entryTroj/Dloadr
   2.6%
910W32/Bagle
   1.7%
10Re-entryW32/Sality
   0.8%
Others5.2%

Overall, 0.09 percent of emails, or one in 1111, had malicious attachments in December 2007, with Pushdo retaining its position as the most prevalent email-based malware detected in December.

Top ten hoaxes and scams

The top ten list of email hoaxes and scams in December 2007 reads as follows:

Position Hoax Percentage of reports
1Hotmail hoax
   6.7%
2Olympic torch
   6.2%
3A virtual card for you
   5.1%
4Elf Bowling
   3.5%
5Justice for Jamie
   2.7%
6MSN is closing down
   2.4%
7Budweiser frogs screensaver
   2.1%
8Applebees Gift Certificate
   2.1%
9Merry Christmas
   1.9%
10Bonsai kitten
   1.9%
Others65.4%

Sophos experts have compiled simple best practice guides to adopting a multi-layered defense. With blended threats, spam and phishing attacks on the rise it has never been more important to educate end users about how best to protect themselves.

Sophos recommends companies protect themselves with a consolidated solution which can control network access and defend against the threats of spam, hackers, spyware and viruses.

Survey results
Do you think 2008 will be a better year for internet security than 2007?

Yes, things will be better
   30%
 
No, 2008 will be a worse year for security
   42%
 
About the same
   28%
 

* Sophos poll hosted on the Sophos website, 621 respondents, December 2007

Disclaimer: Please bear in mind that this poll is not scientific and is provided for information purposes only. Sophos makes no guarantees about the accuracy of the results other than that they reflect the choices of the users who participated.

PDF Download now
Sophos Threat Report July 2008
  • SQL injection attacks are the biggest threat
  • 90% of malware on legitimate sites
  • Hackers exploit Web 2.0

About Sophos

Sophos enables enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, Sophos protects over 100 million users in nearly 150 countries with its reliably engineered security solutions and services. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com

See also: