This was a turbulent year of viruses, phishing attacks and bank-robbing
Trojans. And it was a lot for IT and security managers to have to suffer
through.
This also was the year of the Netsky worm family, according to Graham
Cluley, senior technology consultant at Sophos, Inc., an anti-virus and
anti-spam company with its U.S. base in Lynnfield, Mass. The Netsky
family rampaged through the wild this year, Netsky-P reigning as the most
prevalent piece of malware on the Internet from the time it first
appeared in March to this month.
”Netsky-P was first seen way back in March, and it’s still the worst
worm out there,” notes Cluley, adding that Netsky-P is now wrestling
with the much younger Sober-I for the very top spot. ”It’s still
accounting for 23 percent of all the viruses being reported to us around
the globe… It’s extraordinary that it’s still causing a lot of problems
seven or eight months after it came out.”
According to Sophos analysts, Netsky-P was the most prevalent malware of
the year, accounting for 22.6 percent of all the malware traveling the
Internet. Zafi-B came in second with 18.8 percent; the Sasser worm came
in third with 14.2 percent; Netsky-B was in fourth place with 7.4
percent, and Netsky-D with 6.1 percent.
”2004 was the year of the Netsky — the first of more than 30 versions
of this worm arrived on the scene in February and an astonishing five
variants have made it into the annual top 10,” says Cluley. ”A German
teenager called Sven Jaschan is responsible for more than 50 percent of
all the virus incidents reported in 2004.”
This also was the year of the virus. Cluley points out that there have
been 51.8 percent more new viruses written this year than in 2003. Last
year, virus writers produced 7,064 new viruses. This year, 10,724 new
viruses hit the wild.
”Certainly, you had to make sure your procedures and policies were in
place and update your anti-virus software because new viruses were coming
out all the time,” says Cluley. ”Virus writers have been really nasty.
In the past, most virus writers were teenage boys pulling pranks. They
were showing off to their mates. It was all about mischief and nuisance.
”Now we’re seeing the commercial world enter virus writing,” he adds.
”When business and criminal gangs get involved, it gets a lot less
pleasant, because there’s money involved. Now we see viruses trying to
steal money or they’re trying to use your computer to send spam or to
phish from you. We fully expect that to continue and escalate into
2005.”
And Cluley says it’s the variety of virus types and the variety of
attacks that makes 2004 stand out. Phishing was big in ’04, as was taking
over computers and using them as zombie machines to ship out spam or
denial-of-service attacks. Spyware and adware gained ground in ’04, and
the banking Trojans hit hard first in Brazil and then moving to Europe
and North America.
But arrests also were big in ’04.
”Yes, it’s been a bad year in terms of the number of viruses,” says
Cluley. ”But we’ve caught more virus writers than ever before. We’ve
seen dozens of virus writers, hackers and phishers arrested in the last
12 months. And we’ve got some big court cases coming up.”
Cluley points out that authorities have apprehended the self-confessed
author of the Netsky and Sasser worms; the author of the Blaster worm;
several alleged spammers, including Jeffrey Jaynes; Nick Marinellis, an
alleged phisher from Australia, and 50 other phishers from Brazil.