Panda ActiveScan Top 10 Viruses in April 2004
The effects of the wave of viruses that began in February, and continues to be felt by computer users around the world, can be seen in the data gathered by the Panda ActiveScan free, online scanner. Five variants of Netsky alone were among the most frequently detected viruses in April.
Netsky.P, responsible for 15.29% of infections, topped the April ranking of malicious code. This could largely be due to its ability to spread, not just via e-mail, but also through peer-to-peer file sharing applications. Netsky.P also exploits the Iframe vulnerability in Internet Explorer to run automatically on victims’ computers.
Some way behind Netsky.P came the D variant of Netsky followed in turn by the Downloader.L Trojan, which continues to infect a considerable number of computers month after month.
After these came Netsky.B, Nachi.B and Netsky.C, three more viruses associated with the current wave of malicious code. However, the Revop.F Trojan -first detected at the beginning of March-, has gradually becoming more of a menace and was recorded in seventh place in last month’s list. This malicious code downloads adware onto the victim’s computer.
Bagle.pwdzip -also related to the recent plague- was in eighth place, although this figure represents the detection of all variants of Bagle that could reach computers in password-protected .zip files.
Ninth place was held by the oldest virus in the Top Ten, the polymorphic Parite.B, which due to its multiple means of infections, has appeared consistently in the list of malicious code detected by Panda ActiveScan. Last month’s ranking was completed by Netsky.Q.
Virus % frequency
W32/Netsky.P.worm 15.29%
W32/Netsky.D.worm 8.00%
Trj/Downloader.L 6.95%
W32/Netsky.B.worm 6.29%
W32/Nachi.B.worm 5.91%
W32/Netsky.C.worm 3.72%
Trj/Revop.F 3.52%
W32/Bagle.pwdzip 2.58%
W32/Parite.B 2.41%
W32/Netsky.Q.worm 2.35%
The following conclusions can be drawn from the data collected by Panda ActiveScan last month:
– Seven of the viruses in the list are worms that have been unleashed as part of the current ‘cyberwar’ between various groups of virus creators. Netsky, designed to eliminate the Mydoom, Bagle and Mimail worms from infected computers, is clearly dominating the ‘battle’.
– Many users are still not applying the patches released by vendors to fix common software vulnerabilities. This is highlighted by the presence of Netsky.P at the head of list, as this worm exploits the Iframe vulnerability, first disco.