The Web    Google
Palyh and Fizzer Top Troublemakers in May

Palyh and Fizzer Top Troublemakers in May
June 2, 2003

After topping the infamous virus charts for several months, the Klez and Yaha worms have some company from newcomers in the virus world -- Palyh and Fizzer.

Both Sophos Inc. and Central Command, Inc., antivirus vendors, report that they detected a plethora of new viruses, worms and Trojans in the month of May. Sophos reported 611 new entries, while Central Command reported 915 new malicious applications.

Palyh and Fizzer hit the Internet with enough force to rank them in the number one and number two spots, in terms of frequency, on the Sophos list. At Central Command, Fizzer was ranked fourth, with the Klez worm retaining its number two position.

Palyh accounted for nearly one-quarter of all confirmed infection reports at Central Command, and nearly 20 percent at Sophos.

''In its short period of existence, Palyh infected thousands of users worldwide outpacing Klez.E as the number one confirmed virus for May 2003,'' says Steven Sundermeier, product manager of Central Command, Inc., adding that Palyh was discovered May 18. ''Palyh was written very deceitfully, as it arrives masquerading as an email sent from the Microsoft Support Department. Users should ask themselves, 'Why would the technical support team at Microsoft send me an unsolicited email with a movie28.pif file attachment?'.''

Fizzer, which Central Command calls Fizzu, is a worm that proliferates through email and file-sharing programs.

''We are seeing more and more viruses coded to spread over peer-tp-peer (P2P) applications like Kazaa,'' says Sundermeier. ''Nine out of ten times, the P2P worm will copy itself under enticing filenames like password-cracked software programs, downloaded movies, games or pornography. The bottom line is that programs like Kazaa are opening gapping security holes within a corporate infrastructure.''

Fizzer trailed way behind Palyh with only 6 percent of confirmed infections at Central Command and 9.8 percent at Sophos.

Fizzer and Palyh bear a solid warning for users, according to Chris Belthoff, a senior security analyst at Sophos.

''Both of these prove that it isn't enough just to block your email gateway -- companies should also ensure that virus protection for their desktops are automatically updated,'' warns Belthoff.

Sophos' list of top five viruses, in order of ranking, are: Palyh, Fizzer, Klez, Lovgate and Sobig. Klez has made the Sophos chart for the past 16 months.

At Central Command, the top five are: Palyh, Klez.E, Sobig, Fizzu (or Fizzer), and Yaha.

  • 7/13: Rbot-DL Empowers Remote Users
  • 11/23: Yanz-B Worm Written in MSVC
  • 1/11: Symbos_Vlasco-B Virus Hits Bluetooth
  • 4/7: Rbot-AAF Worm Hits Network Shares
  • 7/1: PWSteal.Refest Steals Banking Info
  • House Passes Anti-Spyware Bill
  • Time to Remind Users of Security Responsibilities
  • Secure Your Network Against Viruses, Spam
  • Spam Foes Worry New FTC Rule Not Enough
  • Startup Unveils Web Server Assessment, Defense Toolkit
  • Stomping Out Spam: The Spam Series, Part 1
  • Home Security Camera Background