Klez worm variant tops virus chart

A report from British antivirus company Sophos says that the latest and friskiest versions of the Klez worm were by far the most active computer threat last month.

The latest and friskiest versions of the Klez worm were by far the most active computer threat last month, according to a new report from British antivirus company Sophos.

The Klez.g and Klez.h worms were responsible for 77.8 percent of all virus infections in April, according to the report.

The Klez.h worm surfaced in mid-April and quickly became one of the fastest-spreading pests to ever hit people's e-mail. British security firm MessageLabs currently lists Klez.h as No. 3 on its all-time virus list, with more than 315,000 infected messages intercepted.

Unlike previous versions of the worm, Klez.h poses an additional privacy threat by snagging documents from infected PCs as it spreads. It also generates randomly selected messages and subject lines for infected e-mail messages, including one variation that poses as a tool for fixing the last major Klez infection, Klez.e.

Security experts have characterized the rapid spread of Klez.h as a sign of lax security measures among corporate and home e-mail users. The worm takes advantage of a vulnerability in Microsoft's Outlook e-mail software, although a patch for the hole has been available for the past year. The worm is also close enough to its predecessor, Klez.g, that any antivirus program updated within the past few months should intercept it.

"The success of Klez.h is strong evidence that computer users are failing to keep their antivirus software up to date," said Stuart Palmer, managing director at Sophos' Australian branch.

Featured Video