Variants of the Klez worm were by far the most common viruses circulating on the Internet this month.
That's according to monthly statistics from managed services firm MessageLabs, which stopped 422,507 viruses in April, way up on the 161,904 it blocked in March, after a mercifully quiet start to the year in terms of virus infections. MessageLabs reports that virus infection rates are currently running at around one per 265 emails, which compares to one in 30 infected emails at the heights of the Goner and Love Bug epidemics.
Antivirus vendors such as Symantec have recently upgraded the threat level posed by Klez, but the worm is more accurately described as the latest high-profile virus rather than one of the most damaging.
In the last four weeks MessageLabs blocked 251,171 emails infected with Klez-H, with 40,239 SirCam infection-bearing emails stopped, and Klez-E (37,831) also featuring prominently in its monthly chart.
Klez is a mass-mailing worm that searches the Windows address book for email addresses and sends messages to all recipients that it finds. The worm uses its own SMTP engine to send the messages.
The subject and attachment name of incoming emails is randomly chosen, making it harder for users to spot. The attachment will have one of the following extensions: .bat, .exe, .pif or .scr. Klez is capable of infecting files.
The worm exploits a vulnerability in Microsoft Outlook and Outlook Express in an attempt to execute itself when you open or even preview the message. Information and a patch for the vulnerability can be found here. ®
Top ten viruses blocked by MessageLabs in April
Cisco and Sophos spoofed in virus mail-outs
Klez worm infects and infuriates
All quiet on the malware front
Bill Clinton virus proves user security sucks
Thousands of idiots still infected by SirCam
SirCam virus hogs connections with spam
Hybrid viruses set to become bigger threat
MS security memo a mere gesture
Users haven't learned any lessons from the Love Bug
Rise in viruses within emails outpacing growth of email
A plague on all our networks
AV vendors sell 'blunt razor blades'
Virus writers outpace traditional AV