Panda ActiveScan List of Top Viruses for September 2003

In September, Bugbear.B has once again caused the highest number of infections to users’ computers, according to the data gathered by the free online antivirus, Panda ActiveScan.

This worm was found in over five percent of computers in which this Panda Software antivirus detected a malicious code. The dominance of Bugbear.B could be explained by its capacity to mass-mail itself and to exploit a vulnerability in Internet Explorer to run automatically.

Bugbear.B is closely followed by the Blaster worm, responsible for just under five percent of incidents, which caused a widespread epidemic in August. The fact that this malicious code spreads directly via the Internet and uses the Windows RPC DCOM vulnerability allows it to continue infecting unprotected computers.

In third place, but with a lower rate of infection than the previous two (just over three percent), is the Sobig.F worm which, in spite of being the fastest-spreading worm to date, has not caused a significant number of incidents.

The veteran Klez.I was the culprit in just over three percent of infections, putting it in fourth place. Over a year and a half after it was first detected, this malicious code continues to appear in the ranking of the Top Ten viruses most frequently detected month after month.

Another infamous malicious code that has made the ranking for several months running is the polymorphic virus Parite.B (at just under three percent). Sixth and seventh place are occupied by two new viruses that appeared in September, Gibe.C and Mapson.D, which were both detected in just under three percent of computers.

At the bottom of the Top Ten are the Trojan PSW.Bugbear.B (at almost two and a half percent) and the worms Enerkaz and Blaster.C (at just under two percent).

From the data collected by Panda Software’s free online antivirus in September, the following can be concluded:

– Software vulnerabilities, the most effective way of spreading rapidly.
Four of the malicious code in the Top Ten (Bugbear.B, Blaster, Blaster.C and Klez.I) spread by exploiting vulnerabilities in the software installed on computers. What’s more, two of them (Bugbear.B and Blaster) occupy first and second place. This demonstrates the potential of this new means to cause widespread epidemics. It also shows how many users neglect to apply the patches released by manufacturers to fix these vulnerabilities.

– Drop in the number of incidents caused by Sobig.F.
Even though this worm spread the fastest in August, it was in September that it caused the most infections. Therefore, in spite of being programmed to stop sending itself out from September 10, it has still infected enough computers to come in third.

Virus % frequency
W32/Bugbear.B 5.10
W32/Blaster 4.99
W32/Sobig.F 3.23
W32/Klez.I 3.02
W32/Parite.B 2.95
W32/Gibe.C.worm 2.93
W32/Mapson.D.worm 2.56
Trj/PSW.Bugbear.B 2.43
W32/Enerkaz 1.75
W32/Blaster.C 1.72