Top Ten viruses most frequently detected by Panda ActiveScan in April

Top Ten viruses most frequently detected by Panda ActiveScan in April Netsky.P has been by far the most virulent malicious code over the last month Glendale, CA - April 30 2004 - Panda Software announces that the effects of the wave of viruses that began in February, and continues to be felt by computer users around the world, can be seen in the data gathered by the Panda ActiveScan free, online scanner. Five variants of Netsky alone were among the most frequently detected viruses in April. Netsky.P, (http://www.pandasoftware.com/virus_info/encyclopedia/overview.aspx?idvirus=45740) responsible for 15.29% of infections, topped the April ranking of malicious code. This could largely be due to its ability to spread, not just via e-mail, but also through peer-to-peer file sharing applications. Netsky.P also exploits the Iframe vulnerability in Internet Explorer to run automatically on victims’ computers. Some way behind Netsky.P came the D variant of Netsky followed in turn by the Downloader.L Trojan, which continues to infect a considerable number of computers month after month. After these came Netsky.B, Nachi.B and Netsky.C, three more viruses associated with the current wave of malicious code. However, the Revop.F Trojan -first detected at the beginning of March-, has gradually becoming more of a menace and was recorded in seventh place in last month’s list. This malicious code downloads adware onto the victim’s computer. Bagle.pwdzip -also related to the recent plague- was in eighth place, although this figure represents the detection of all variants of Bagle that could reach computers in password-protected .zip files. Ninth place was held by the oldest virus in the Top Ten, the polymorphic Parite.B, which due to its multiple means of infections, has appeared consistently in the list of malicious code detected by Panda ActiveScan. Last month’s ranking was completed by Netsky.Q. Virus % frequency W32/Netsky.P.worm 15.29% W32/Netsky.D.worm 8.00% Trj/Downloader.L 6.95% W32/Netsky.B.worm 6.29% W32/Nachi.B.worm 5.91% W32/Netsky.C.worm 3.72% Trj/Revop.F 3.52% W32/Bagle.pwdzip 2.58% W32/Parite.B 2.41% W32/Netsky.Q.worm 2.35% The following conclusions can be drawn from the data collected by Panda ActiveScan last month: - Seven of the viruses in the list are worms that have been unleashed as part of the current ‘cyberwar’ between various groups of virus creators. Netsky, designed to eliminate the Mydoom, Bagle and Mimail worms from infected computers, is clearly dominating the ‘battle’. - Many users are still not applying the patches released by vendors to fix common software vulnerabilities. This is highlighted by the presence of Netsky.P at the head of list, as this worm exploits the Iframe vulnerability, first discovered and resolved more than two years ago. To help as many users as possible keep their systems virus free, Panda Software offers Panda ActiveScan, free of charge, at http://www.pandasoftware.com/. Webmasters who would like to include ActiveScan on their websites can get the HTML code, free of charge, from http://www.pandasoftware.com/partners/webmasters/ Panda Software also offers users Virus Alerts, an e-bulletin in English and Spanish that gives immediate warning of the emergence of potentially dangerous malicious code. To receive Virus Alerts just visit Panda Software's website (http://www.pandasoftware.com/) and complete the corresponding form in the Virus Alerts section. For more information about these and other viruses, visit Panda Software's Virus Encyclopedia at: http://www.pandasoftware.com/virus_info/encyclopedia About PandaLabs On receiving a possibly infected file, Panda Software's technical staff get straight down to work. The file is analyzed and depending on the type, the action taken may include: disassembly, macro scanning, code analysis etc. If the file does in fact contain a new virus, the disinfection and detection routines are prepared and quickly distributed to users For more information: Alan Wallace [email protected] Tel. (818) 543-6909