AVIRA Press Center - September Virus Top 10

September Virus Top 10

Thu, 18 October 2007

Netsky.P defeated by its own sibling - Netsky.HB

The Top 10 Malware for September, including the top ten viruses and phishing attacks, is released today by Avira. After a predominant appearance in the last top 10 with 39.95 % of all samples discovered in August, Netsky.P is now on the second position, following his sibling Netsky.HB.

The malware report for September brings new changes: the first positions of our Virus Top 10 and Phishing Hierarchy are now different from the last month. If in August the podium included two versions of Mytob and one Netsky variant, in September we had two Netsky versions and one Mytob version on the podium.

Besides Netsky.HB, which is the most spread virus, the first target of phishers in September was Bank of America.

The third most dangerous virus in September was Mytob.HA, which switched places with Mytob.MR. Mytob.HA makes use of the MS04-011 (LSASS Vulnerability) Exploit and blocks access to several security websites.

82.64 % of all samples identified by Avira's special observation networks in September 2007 were classified as spam emails while 3.22 % were viruses and 14.14 % were represented by phishing attacks.

On 11 September a new worm was spread via the Skype software. This malware sends messages with subjects such as "look what crazy photo Tiffany sent to me, looks cool" to the contacts in the individual Skype contact list. The message contains a link which leads directly to the worm. However, the servers of Avira AntiVir were not affected by this threat. AntiVir detected the worm with VDF as 'Worm/Skipi.C'.

Here is a shot of our September Virus Top 10:

Worm/Netsky.HB	20.5 %
Worm/NetSky.P	15.9 %
Worm/Mytob.HA	8.1 %
Worm/Mytob.MR	8.0 %
TR/Dldr.Stration.Gen	4.8 %
Worm/Mytob.AT	4.5 %
TR/Bagle.GD	4.0 %
Worm/Mytob.J	2.6 %
Worm/Mytob.T.6	2.5 %
Worm/Mytob.CL	1.8 %
Others	27.3 %

For technical information on any of these worms, please see the detailed descriptions on the Avira website. Also, please keep in mind that all Avira users are perfectly protected against these threats.

Make sure you update your Avira product on a regular basis in order to detect the latest threats.

According to Avira phishing-experts the new number one target of phishing attacks in September, was Bank of America. The new entry of our phishing hierarchy in September is Citizens Bank, a phishing attack discovered on 4 September. The message sent to Citizens clients contain a URL link which goes to a phishing web page where the users are requested to complete an on line form. The phisher's goal is to get their bank accounts.

Bank of America	24.10 %
PayPal	22.18 %
PosteItaliane	10.12 %
EBay	8.88 %
Citizens Bank	3.37 %
New phishing-emails	1.10 %
Others	30.23 %

For more information on how to recognize a phishing fraud, take your time to read our dedicated page

In September, Avira discovered the following new targets of phishing attacks: American Express, Banco de Chile, AOL, Grupo Banco Popular, Sunwest and Yahoo.

Avira strongly recommends all users to be careful with suspicious emails and unexpected attachments, no matter what interesting subjects they might claim to be carrying and to update their security product on a regular basis.

For more information on how to recognize a phishing fraud, take your time to read our dedicated page.

Remember that we are here to assist you against the malware threat. Get rid of your doubts when facing a suspect file: just send it to and we will analyze it for you. Take a moment to see how to submit malware and then follow our instructions to send the suspicious file.

Other news from this category	Archive