Netsky Takes Top Spot In 2004 Threat Rankings

According to Helsinki-based security firm F-Secure, Netsky.p, a variation that debuted in March 2004, was the most common piece of malicious code in the wild, accounting for nearly one in four (24.3 percent) viruses or worms. Four other Netsky variants made the company's top 10, with the five combined making up a whopping 46 percent of all malware detected by the company during the year.

In contrast to the steady-state Netsky, said F-Secure, MyDoom.a provided the biggest spike in malicious code traffic as it debuted in late January and then quickly faded.

Both Beaverton, Ore.-based McAfee and Glendale, Calif.-based Panda Software also thought highly (or lowly) of Netsky.p.

McAfee listed it in its alphabetically-ranked top 10, while Panda said it was the second-most prolific virus of the year. Only the Trojan horse dubbed Downloader.GK accounted for more attacks. That Trojan, said Panda, was installed when unsuspecting users visited malicious Web site and accepted a ill-mannered ActiveX control. Once Downloader.GK was on the machine, it installed a pair of adware programs.

But while Panda said Downloader.GK made up about 14 percent of all attacks this year -- nearly one in six -- no other security firm ranked it nearly as high. McAfee, for instance, rated the Trojan as a minor threat when it hit this past summer.

One thing anti-virus firms do agree on is that viruses and worms became more numerous and more destructive in 2004 than the preceding year.

"In 2004, the rise in viruses, worms, phishing, adware, and vulnerability exploitation surpassed 2003," said Vincent Gulotto, the vice president of McAfee's AVERT research team in a statement. "Although we saw a steady 5 percent year over year decrease in the rate of virus production from 2000 to 2003, we've seen an increase in 2004."

Gulotto attributed the rise to the bitter back and forth of Bagle and Netsky authors earlier in 2004, as well as "a general lack of awareness to adware."

Moscow-based Kaspersky Labs also noted an increase in virus and worm activity in 2004, and in an online posting, said that the number of new entries to its malware database had bumped up by more than 30 percent this year.

Vulnerabilities, while fewer in number during 2004 than the year before, still remain a significant problem, said several firms.

McAfee noted that although the number of vulnerabilities discovered in 2004 were done 25 percent compared to the previous year, hackers are also taking up the slack. "Though security companies are becoming increasingly adept at recognizing and fixing vulnerabilities, along with manufacturers providing faster patches, hackers are becoming faster at producing exploits," said Gulotto.

Panda tapped vulnerabilities as a big contributor to security threats, too. Four of the ten top attacks during the year, it said, used vulnerabilities in popular programs to wreak havoc.

Exploited vulnerabilities are less of a threat to enterprises, however, than they are to consumers and their at-home PCs, said McAfee. In business, it's e-mailed viruses and worms (and to a lesser extent, spyware-spewing bots) that make up the bulk of attacks.