Authors
Kaspersky Labs presents a review of computer virus activity for January 2003.
The Top Twenty Most Widespread Malicious Programs
The percentage shown represents the percentage of registered incidences.
| position | virus | percentage by occurrence |
|---|---|---|
| 1 | I-Worm.Klez | 16.65% |
| 2 | I-Worm.Lentin | 8.75% |
| 3 | I-Worm.Sobig | 6.57% |
| 4 | I-Worm.Avron | 6.55% |
| 5 | Macro.Word97.Thus | 5.17% |
| 6 | I-Worm.Hybris | 3.13% |
| 7 | I-Worm.Roron | 2.46% |
| 8 | I-Worm.Tanatos | 1.92% |
| 9 | <!–!–> Backdoor.NetDevil | 1.25% |
| 10 | Macro.Word97.Saver |
1.17% |
| 11 | I-Worm.Magistr | 0.95% |
| 12 | Macro.Word97.Marker | 0.95% |
| 13 | Worm.Win32.Opasoft | 0.79% |
| 14 | I-Worm.KakWorm |
0.76% |
| 15 | Win95.CIH | 0.72% |
| 16 | <!–!–>Trojan.Spy.SCKeyLog | 0.71% |
| 17 | Backdoor.Death | 0.67% |
| 18 | <!–!–>VBS.Redlof | 0.66% |
| 19 | Win32.Elkern | 0.66% |
| 20 | Win32.FunLove | 0.65% |
| *Other Dangerous Programs | *38.87% | |
*not counted among the 20 most widespread
This rating of the most widespread malicious programs does not reflect the noise created by the network worm “Helkern” at the end of January. The reason for this is the standard method used to gather statistics (counting user reports and data from public access e-mail systems) does not yield precise enough information to generate accurate research statistics. Governmental and commercial organizations alike prefer to not publicize episodes such as worms penetrating their networks. Additionally, monitoring e-mail traffic simply does not help improve the situation, as “Helkern” does not use e-mail to spread itself. Alternative sources for data, so called “honeypots” for catching malicious packets, also don’t lend accurate data in terms of the actual number of computer infections. In the end, the means at our disposal are only empirical methods for defining the scale of epidemics and are not applicable for compiling monthly virus ratings.
The most pessimistic estimations have “Helkern” infecting approximately eighty thousand computers the world over. If to compare this indicator with the virus statistics of the Top Twenty list for January, it is safe to say that the “Helkern” worm actually took first place, provoking nearly 50% of all January virus incidences.
Most January infections were caused by network worms (77.19 %), programs that can spread via the Internet (e-mail, Web-services, Internet messengers, IRC channels, etc.). In second place are computer viruses (16.33) – especially prominent were Macro viruses. Trojan programs (6.49%) occupy the third position. The data shows a break in the trend started toward the end of 2002, when network worms experienced a percentage decline. Although, it is important to note that “Helkern” did not register in the source data for this review. If it were factored into the top twenty the entire picture would undoubtedly change and the share held by network worms would jump to a whopping 90%.
Authors
From the same authors
In the same category
Virus Top Twenty and Review for January 2003