It's something of a truism, that 'old viruses never die', and that certainly seems to be the case for some of the older, more widespread, email worms. In this interview (http://www.signonsandiego.com/uniontrib/20041129/news_lz1b29five.html) back in 2004, I talked about an email worm called "Win32/Zafi.b" which, at the time, had recently been spreading on a global scale.
However, a quick glance at ESET's 'Virus Radar' system shows that, seven years later, Zafi.b is still going strong – although we can probably expect to see this slow down as the usage of Windows XP declines. The dates shown for 'first detection' are due to the way the system logs get cleared out, and there may also be some degree of heuristic detection here (things that are variants of this worm).
The virus radar system only tracks malware that spreads via email, and for only one ISP's email servers, so it doesn't expose the sorts of threats that are most prevalent, but what this does demonstrate is that, as far as we can see, some really old malware is still actively infecting systems.
Indeed, there is plenty of old malware still running around, and with all the noise about the newer threats, we can sometimes forget that part of good cyber-hygiene is cleaning up old threats and making sure systems are patched and updated.
Leave a reply