Two viruses that pose as security patches issued from Microsoft have outdone malicious
competitors like Klez, Bugbear and Blaster for the top two seats in October’s top virus
charts.
Gibe-F and Dumaru-A took the leading two positions respectively, according to two separate
virus ratings for last month.
”With Sobig-F reports dropping off substantially, the month of October had a changing of
the guard on top of the chart in favor of Gibe,” says Steve Sundermeier, a vice president
at Medina, Ohio-based Central Command, Inc., a security and anti-virus company. ”Much of
Gibe’s success can be directly attributed to its Microsoft-style email. Users need to
understand that Microsoft does not send attachments over email.”
Chris Belthoff, a senior security analyst with Lynnfield, Mass.-based Sophos, Inc., says the
two viruses pose a problem for corporate IT managers and for the software giant, as well.
”With more than 36 percent of reports, the top two viruses, Gibe-F and Dumaru-A — both of
whom pose as security patches from Microsoft support — are threatening to tarnish computer
users’ trust in Microsoft,” says Chris Belthoff.
Sophos ranks the top five viruses for October as: Gibe-F, Dumaru-A, MiMail-A, Sobig-F and
Klez-H. Central Command issued a similar ranking, listing its top five as: Gibe-C, Dumaru-A,
Klez-E, MiMail-A and Sober. The Klez virus has made the infamous list for 21 months now.
The Sober worm, particularly active in Germany, was the only newcomer in Central Command’s
ranking.
Of note in Sophos’ ranking is the inclusion of the CoreFloo-C trojan, which made it to
October’s eighth-highest spot. The trojan allows a remote intruder to access and control a
computer via the Internet Relay Chat. It’s the first time in 2003 that a trojan has made it
into the top 10 in a field dominated by Windows 32 viruses, reports Sophos analysts.
Sophos also ranks the top email hoaxes of the month. For October, the Hotmail hoax grabbed
the top spot. After that, Meninas da Playboy came in second, followed by Bonsai Kitten;
JDBGMGR; Budweiser Frogs Screensaver; WTC Survivor; Frog in a Blender; Bill Gates Fortune; A
Virtual Card for You, and Welcome to the Matrix.
”A new entry into October’s chart is the Welcome to the Matrix hoax,” says Belthoff. ”The
hoax is in French and warns people not to open PowerPoint presentations, entitled Welcome to
the Matrix. Just as the most common viruses this month, this hoax threatens Microsoft’s
credibility with some versions claiming to come from a Microsoft security team.”