A three-year-old worm that disseminates through e-mail has made a comeback, leaping to the second place of Sopho's top 10 list of e-mail malware threats for November 2007.
In a statement released today, the security vendor reported that the "old-timer" worm--dubbed Traxg--accounted for nearly a quarter of e-mail-borne malware for the month of November, at 23.6 percent. The worm was first detected in October 2004.
Graham Cluley, senior technology consultant at Sophos, said: "Traxg hurtling into second position this month has come as a complete surprise, and the fact that unsophisticated worms are still slipping through the net at such a rate of knots is a clear indication that huge numbers of users, and potentially companies, are failing to install even basic antivirus protection."
Pushdo, which was the No.1 e-mail-based malware for October, once again topped the chart for November and accounted for nearly 30 percent of malware detected. "In first place, Pushdo continues to wreak havoc. A clear reason for its ongoing success is the guilty cybercriminal's ability to quickly create different variants, which are being spread voraciously in a range of spam messages," he said.
"Each new piece of spam that harbors the Trojan has been created to tempt users, and whether it's enticing them to watch videos of Britney or view naked pictures of Angelina, this fraudster's tactics are certainly working," Cluley added.
In November, 0.1 percent of e-mail messages were carrying malicious e-mail attachments, or one in every 1,000, Sophos said.
Web attacks have also risen in November, with 7,500 new infected Web pages detected by Sophos every day, the security company said. This is an increase of more than a third when compared to the same period in October.
Mal/Iframe once again topped the chart this month, accounting for more than two-thirds of all infected Web pages found in November, at 69.6 percent, Sophos said, noting that a Trojan, dubbed Unsc, that attempts to download malicious code from the Web, made its first appearance on the chart, at No. 7, accounting for 0.7 percent of Web-based malware detected.
According to the Sophos study, China is the No. 1 country hosting malware-infected Web pages for November, at 55.2 percent. Web pages hosted in China continue to be plagued by Mal/Iframe, and overall the country hosted more than 50 percent of this month's infected Web pages.
The United States is in second place at 19.7 percent, with Russia trailing at 11.4 percent.
"China, the United States and Russia, continue to dominate the chart, accounting for more than 85 percent of all infected Web pages worldwide," Cluley said, noting that the entry of four new countries to the chart--Turkey, the United Kingdom, Poland and France--shows that the problem is a global one.
"To stop it [from] turning into a major pandemic, Web hosts throughout the world would be well advised to clean up their sites and quash the hackers by installing Web security protection," he added.