Antivirus firm Sophos PLC named the SoBig-F worm as the hardest hitting virus of 2003, accounting for almost a fifth of all reports to the company throughout the year.
Microsoft Corp. recently offered a reward to anyone who came forward with information leading to the capture of SoBig’s author. As yet the reward has not been claimed.
“SoBig-F unquestionably wins the dubious title of ‘worm of the year’. It spread more ferociously than any virus ever seen before, swamping email boxes. Some companies reported seeing hundreds of thousands of infected e-mails every day,” said Graham Cluley, senior technology consultant at Sophos.
“Ironically, some of the people worst affected by SoBig-F were the spammers. They found they could not send their millions of spams as easily because their email gateways were deluged by SoBig traffic,” Cluely added.
Blaster, the year’s second most prevalent worm, spread by exploiting a critical security hole in versions of Windows. In fact, the year’s top 10 viruses are all so-called Windows 32 viruses, which means they only affect Microsoft users. However, the take-up of Windows is unrivalled worldwide and means virus code spreads far in a very short time. Because of this, the trend for targeting Win 32 users with viruses looks set to continue well into 2004.
According to Sophos, spammers have adopted new techniques to get past current preventative measures, such as mixing innocent and bad text or adding random characters to break up ‘spammy’ words so that scanners cannot identify junk mail from real mail.
Sophos also points out that virus writers are working together to use infected computers as a launch pad from which to start denial of service attacks, as happened with Mimail-H and Mimail-E.
There has also been a marked increase in the number of worms attempting to extract financial information from the recipient. The most prolific of these was Mimail-J, which disguised itself as a message from payment system PayPal duping users into disclosing credit card information.