Report: Bugbear, Sobig top viruses so far in 2003

The Bugbear and Sobig viruses top a list of the most frequently occurring viruses of 2003, according to a report released by antivirus company, Sophos.

A total of 3855 new viruses were introduced in the first half of this year, Sophos said, an increase of 17.5 per cent over the same time last year.

The growth of the Internet, coupled with the wider availability of virus-writing tools, was driving this increase, according to Sophos senior security analyst, Chris Belthoff.

Many of the virus authors appeared to be operating in countries that do not have antivirus laws on the books, he said.

More than half of the viruses that Sophos tracked in 2003 appear to have emerged from Eastern Europe or the Pacific Rim, Belthoff said.

"These people are probably of a mindset that they're untouchable under the law," he said.

Unfortunately, 2003 has seen its fair share of new exploits, including Bugbear and Sobig, which respectively accounted for more than 14 and 18 per cent of the inquiries to Sophos's technical support department to June.

"The Bugbear virus was a pretty complicated virus in terms of what it did and the methods it used to spread," Belthoff said. Bugbear would change its appearance, which made it hard for antivirus software vendors to identify it, and it also appeared to target specific companies, he said.

"A lot of things in the Bugbear virus were pretty malicious," Belthoff said.

Sobig also represented a new direction for virus makers, the chief technical officer of email security company MessageLabs, said.

"We're now seeing virus technology used by the spam community," he said.

Sobig installs a trojan-type virus on any infected machine that could eventually be used as a spam relay point, Sunner said.

Infected machines were "effectively waiting for the spammer to come along and connect to them and use the machines for whatever they want," he said.

The percentage of virus-infected email intercepted by MessageLabs' software had increased by 13.6 per cent in the last month, Sunner said. Sophos declared Avril Lavigne the "virus celebrity of the year so far," thanks to the appearance of two variations of the Avril virus on the company's top 10 list. The virus contains a wide range of attachments with names such as "AvrilSmiles.exe" prompting the many fans of Lavigne's music to launch the virus.

Avril accounted for more than 5 per cent of Sophos' customer inquiries, the company said.

The top 10 viruses on Sophos's list were, in order of prevalence, Bugbear-B, Sobig-C, Klez-H, Sobig-B, Sobig-A, Avril-B, Bugbear-A, Avril-A, Fizzer-A, and Yaha-E.