Virus top 10: A Sobering return

MyDoom, the virus that took down SCO's website and had a pop at Microsoft and the RIAA into the bargain, has lost its place at the top of the chart for most reported virus in February.

February's malware figures from antivirus firm Sophos show that young upstart MyDoom.A has lost out to old hand Sober.C, with 35.3 per cent of all virus reports in February, compared to 25.3 for MyDoom.A.

The Sober.C variant has been doing the rounds since December and distributing itself via email and peer-to-peer networks with a spot of grammatically suspect but clearly effective social engineering – using subject lines like 'you use illegal file sharing' and 'Preliminary investigation were started'.

Graham Cluley, senior technology consultant for Sophos, said that individual users could well be the primary cause of the spread. "I think what we're seeing is the home-user effect. Many home users are considerably more lax about keeping their security up to date than their corporate equivalents. Businesses have resourced IT departments to try and keep their users' updated, but home users don't have that luxury," he told silicon.com, adding that the multilingual nature of the virus didn’t help either.

New faces are making their mark on the chart, however. Netsky.B makes it to the number three position with 7.8 per cent of all reports, also using social engineering and P2P networks to spread itself, with Bagle.B following on close behind with 5.3 per cent.

The supposedly self-terminating Bagle virus has been getting a new lease of life this weekend, with several new variants found in the wild.

February's virus chart in full

1. Sober.C 35.3 per cent

2. MyDoom.A 25.3 per cent

3. Netsky.B 7.8 per cent

4. Bagle.B 5.3 per cent

5. Dumaru.A 2.6 per cent

6. Mimail.J 2.4 per cent

7. Mimail.C 1.8 per cent

8. Mimail.Q 1.1 per cent

9. Bagle.A 1.1 per cent

10. Gibe.F 1 per cent

Others: 16.3 per cent