David Banes, security response manager for Symantec, told ZDNet Australia that infection reports had slipped since Saturday, but pointed out that was over the weekend, when most people were not at work. "It's difficult to tell whether we're having a genuine drop," he said.
Banes pointed out that America and Europe had not had a public holiday on Monday - similar to some states of Australia - and said that relative distribution had remained the same over the weekend.
Paul Ducklin, head of global support for Sophos Anti-Virus said he could not say whether the worst was over, but conceded Bugbear was continuing to cause problems. "It's difficult to say, it comes and goes," he said. "It's similar to Klez and Sircam, where there was no huge spike, just something that looks like it will be around for some time."
Although new infections may be falling off, MessageLabs, an international Internet-level managed email security services company, has reported that one in every 63 e-mails is currently the Bugbear worm. As a comparison, at its peak the LoveBug comprised one in 28 emails, and Klez.H one in 169.
However, Ducklin said there was a silver lining, with people finally beginning to realise the extent of their systems' vulnerabilities. "People are biting the bullet and taking active steps so that next time they'll be ahead of the game instead of behind," he said. "They want to know how to update their antivirus programs, they want to know about best practice."
Ducklin said Bugbear didn't appear to have taken off in the US, despite Sophos still receiving plenty of US reports for Klez. "If you're vulnerable to Klez you're almost certainly vulnerable to Bugbear," he said.
