Alex Shipp, senior anti-virus technologist at MessageLabs, keeps IT security managers up to date with all the latest virus news
The top ten most prevalent computer viruses during October were:
  • 1: W32/SirCam-mm – 93442
  • 2: W32/Magistr.A-mm – 17552
  • 3: W32/Magistr.B-mm – 11541
  • 4: W32/Hybris.B-mm – 9271
  • 5: W32/Badtrans.A-mm – 1980
  • 6: W32/Nimda.A-mm – 1840
  • 7: W32/MTX-m – 1729
  • 8: JS/Kak.A-m – 1531
  • 9: W32/Hybris.D-mm – 1188
  • 10: W32/Navidad.E-m – 691

Commentary: November
SirCam, the mass mailer virus that never dies, is still at the top of the virus 'hit list' after nearly three months in circulation. MessageLabs still sees approximately 5,000 copies of the virus each day, even though patches have been provided by all the anti-virus program vendors.

One explanation for the virus's continued propagation is its ability to attach itself to different files from the infected PC's 'My Documents' folder. This creates what appears to be a genuine document, but it's actually executable code. Double-clicking on the file displays the document as well as running the virus code, meaning that many end users are unaware their PC has been infected.

It's very hard for those without anti-virus protection to spot that an e-mail contains the virus, so they open the attachment and another round of infection kicks in.

Although the Nimda.A virus – which actually erupted in the middle of September – has received a huge amount of press coverage, it's only the sixth most prevalent virus this month. Taking many of the anti-virus vendors by surprise, the hybrid Nimda used several different methods (including e-mail) to infect computers.

Vendors found themselves issuing patch after patch as they discovered more facets of this destructive virus, and yet more holes that needed to be filled. Unsuspecting users unwittingly found themselves at the mercy of Nimda simply as a result of browsing the Internet, reading e-mails or file sharing.

Fortunately, the Nimda virus has relatively low levels of activity because, when it spreads by e-mail, the PC it attempts to infect has to be open to a specific security vulnerability. This has limited its spread. That said, IT security managers should be on their guard. Nimda has the capacity to do more than merely inconvenience a network with e-mail and web traffic. It can also lower security settings, allowing hackers easy access to your company's networks.