Top viruses of 2002

A look at the top viruses of 2002 and a warning about the possibility of a zero-day virus.



Central Command, a provider of antivirus solutions and IT security services, releases a monthly report of the top 12 viruses. This report is labeled the Dirty Dozen.

The most recent Dirty Dozen report was published on June 1, 2002. If you've been on the Internet for the last few months, then the virus that holds the number one spot for the number of discoveries within a single month, probably won't surprise you. It is the Klez worm. I'm still receiving Klez infected e-mails on a daily basis.

Here is the June 2002 Dirty Dozen:

Ranking Virus Name Percentage
1. Worm/Klez.E 60.2%
2. W32/Elkern.C 24.5%
3. Worm/W32.Sircam 3.9%
4. W32.Yaha.E 2.6%
5. W32/Nimda 2.3%
6. W32/Magistr.B 1.9%
7. Worm/Frethem.D 1.6%
8. Worm/Badtrans.B 0.7%
9. W95/CIH 0.4%
10. W95/Hybris 0.4%
11. W32/Magistr.A 0.2%
12. Worm/Shakira 0.1%

(This table is taken directly from the Central Command Dirty Dozen press release dated June 1, 2002).

The reason I'm discussing the Dirty Dozen report is to point out the seriousness of virus and worms. It is no longer an option to implement a multi-layered antivirus solution. It has become a requirement for doing business on the Internet. As you can see, the worst virus of 2001 (i.e. Sircam) has been pushed into the third spot by the two most widely spread viruses of 2002. Klez and Elkern are responsible for nearly 85% of the discovered infections for just the month of June.

Industry experts and doomsayers alike speculate that a serious worldwide infection of a zero-day virus could happen within the next year. A zero-day virus is malicious code that takes advantage of a system flaw or backdoor that isn't publicly known and thus no patch is available. By exploiting such a flaw, the virus could replicate and distribute itself across most of the world via the Internet at a mind-boggling rate, making all past rates of virus infections look sluggish. All it would take is a virus coded without errors and a programmer technically savvy enough to exploit complicated OS and software coding errors without tipping off intrusion-detection systems. It is only a matter of time. Is your environment ready to face such a threat?

You can view the current, archived, and all future Dirty Dozen reports from the Central Command Web site. Central Command offers the Vexira Antivirus product for Windows, Linux and several version of BSD.

For additional information about antivirus products and virus threats, please consult any of the following sources:

Symantec
TrendMicro
McAfee
Message Labs
Computer Associates


About the author
James Michael Stewart is a researcher and writer for Lanwrights, Inc.


This was first published in July 2002

Dig deeper on Network intrusion detection and prevention and malware removal

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchVirtualDesktop

SearchWindowsServer

SearchExchange

Close