SASSER AND NETSKY LEAD THE LIST OF THE TOP TEN viruses most frequently detected by Panda ActiveScan GLOBALLY in May

SASSER AND NETSKY LEAD THE LIST OF THE TOP TEN viruses most frequently detected by Panda ActiveScan GLOBALLY in May Sasser Not Among Top 10 VIRUSES FOR the US Glendale, CA - June 1, 2004 - May started with a widespread epidemic caused by the Sasser worms. These malicious code exploit a vulnerability in Windows operating systems known as LSASS and as a result, many computers were infected in minutes. However, data gathered by the free, online scanner, Panda ActiveScan, shows that none of the Sasser variants have been able to take first place in the Top Ten viruses most frequently detected in May. Last month, Netsky.P held on to the top spot, causing 10 percent of infections. Second in this ranking is Briss.A a Trojan that emerged at the beginning of May. Even though it is not designed to spread through its own means, it seems to have been widely circulated by malicious users via e-mail, Internet downloads, etc. Although the presumed author of the Sasser and Netsky worm was identified and arrested on May 7, his creations continued to wreak havoc on users’ computer throughout the month. This is demonstrated by the fact third and fourth in the ranking are Sasser.ftp (a generic detection routine for the script created by the Sasser worms to download themselves to computers via FTP) and Sasser.B. The top half of last month’s Top Ten is completed with Netsky.D. Another worm programmed to exploit a software vulnerability, Nachi.B, comes in sixth. This malicious code is followed by the Trojans, Downloader.L-which has appeared in the list of viruses most frequently detected over the last few months- and Revop.F, designed to download other malicious programs to the computer. When you review the data showing the same old viruses appearing in this top ten list it is evident that many users still do not have adequate automatic virus protection installed on their computers.  Having up to date virus protection running properly would stop any of the viruses on this list, said Patrick Hinojosa, CTO of Panda Software US. The last two positions in the Top Ten are taken by the B and Z variants of the Netsky worm. Virus % frequency 1. W32/Netsky.P.worm 10 2. Trj/Briss.A 8.45 3. W32/Sasser.ftp 5.94 4. W32/Sasser.B.worm 5.2 5. W32/Netsky.D.worm 5.05 6. W32/Nachi.B.worm 4.6 7. Trj/Downloader.L 4.36 8. Trj/Revop.F 4.22 9. W32/Netsky.B.worm 3.84 10. W32/Netsky.Z.worm 3.7 TOP 10 VIRUS INFECTIONS US Virus % frequency 1. Trj/Briss.A 14.75 2. Trj/Downloader.L 9.46 3. Trj/Revop.F 8.66 4. Trj/Virtumonde.C 7.52 5. W32/Netsky.P.worm 6.21 6. Trj/Multidropper.AM 4.59 7. Trj/Downloader.AN 4.08 8. Trj/Downloader.DK 3.76 9. Trj/Qhost.gen 3.68 10. W32/Bagle.pwdzip 3.14 Hinojosa also noted, “It is very interesting to see that Sasser did not appear in the Top 10 for the US market which would seem to say that computers and computer networks are more likely to be protected with hardware and/or software firewalls from the office to the home.” **MORE INFORMATION AVAILABLE AT PANDA SOFTWARES VIRUS ENCYCLOPEDIA Netsky.P www.pandasoftware.com/virus_info/encyclopedia/overview.aspx?idvirus=45740&sind=0 Briss.A www.pandasoftware.com/virus_info/encyclopedia/overview.aspx?idvirus=46978&sind=0 Sasser.ftp www.pandasoftware.com/virus_info/encyclopedia/overview.aspx?idvirus=47371&sind=0 Sasser.B www.pandasoftware.com/virus_info/encyclopedia/overview.aspx?idvirus=46875&sind=0 Netsky.D www.pandasoftware.com/virus_info/encyclopedia/overview.aspx?idvirus=45205&sind=0 Nachi.B www.pandasoftware.com/virus_info/encyclopedia/overview.aspx?idvirus=44588&sind=0 Downloader.L www.pandasoftware.com/virus_info/encyclopedia/overview.aspx?idvirus=42511&sind=0 Revop.F www.pandasoftware.com/virus_info/encyclopedia/overview.aspx?idvirus=45264&sind=0 Netsky.B www.pandasoftware.com/virus_info/encyclopedia/overview.aspx?idvirus=44815 Netsky.Z www.pandasoftware.com/virus_info/encyclopedia/overview.aspx?idvirus=46507&sind=0 The following conclusions can be drawn from the data collected by the free, online scanner, Panda ActiveScan last month: - Software vulnerabilities continue to prove to be one the most effective means of spreading computer viruses. Both Netsky.P and the Sasser worms -which occupy four of the first five places in the ranking- use this method. This suggests that users need to be kept informed about the vulnerabilities detected in the software installed on their computers and to install the patches released to fix them. - Three of the most frequently detected viruses in May are Trojans, marking an increase in the impact of this type of malicious code. Users should take note of this trend, given the different actions that Trojans can carry out on the computers on which they are installed, such as stealing confidential data that can then be used to commit fraud. To help as many users as possible keep their systems virus free, Panda Software offers Panda ActiveScan, free of charge, at http://www.pandasoftware.com/activescan. Webmasters who would like to include ActiveScan on their websites can get the HTML code, free of charges, at http://www.pandasoftware.com/partners/webmasters. Panda Software also offers users Virus Alerts, an e-bulletin in English and Spanish that gives immediate warning of the emergence of potentially dangerous malicious code. To receive Virus Alerts just visit Panda Software's website (http://www.pandasoftware.com) and complete the corresponding form in the Virus Alerts section. For more information about these and other viruses, visit Panda Software's Virus Encyclopedia at: http://www.pandasoftware.com/virus_info/encyclopedia. About PandaLabs On receiving a possibly infected file, Panda Software's technical staff get right to work. The file is analyzed and depending on the type, the action taken may include: disassembly, macro scanning, code analysis etc. If the file does in fact contain a new virus, the disinfection and detection routines are prepared and quickly distributed to users. For more information: Alan Wallace (818) 543-6909 [email protected]