Sober worm now in 4 per cent of all email

Found 5th May 2005
Be very careful out there.

Sober worm now in 4 per cent of all email
Antivirus company Sophos claims the Sober worm now accounts for one in every 22 emails

One in every 22 emails circulating the Internet on Wednesday contained the latest version of the Sober worm, according to latest statistics from a UK antivirus company.

Sophos claimed that the mass-mailing worm, which has been reported in 40 countries after first appearing on Monday, now accounts for 79 percent of all viruses the company is seeing.

"It's still very widespread," said Graham Cluley, senior technology consultant for Sophos. "It appears to turn off Symantec's antivirus protection and the Windows XP firewall. It seems to do that to set up future attacks." He went on to say that the worm is likely to be preparing computers to distribute spam.

"That's probably why it has become widespread so quickly," he said. "[Virus writers used spam technology to send it out. Now it's just perpetuating."

Sober.P which security companies have variously tagged as Sober.N, Sober.O or Sober.S travels as an attachment in emails written in English and German. One of the most widely reported email contains an alluring message stating that the recipient has won free tickets to the 2006 World Cup in Germany, but many other types have also been spotted. Once opened, the virus sends itself to email addresses harvested on the infected machine.
Community Updates
This is not good.......
[color=darkblue]Make sure you keep your anti virus programmes up to date + if you have active scanning available, use it. All my e-mail is scanned when it's downloading + although it slows things down a bit, it's better than the alternative.[/color]
I found this bit of info, I noticed the reference made to 'Promise free stuff and they will click.'

Computer virus writers use World Cup tickets as bait (CNN) -- It's the … Computer virus writers use World Cup tickets as bait (CNN) -- It's the oldest trick in the virus writer's handbook.Promise free stuff and they will click.Around the world, and especially in Europe, soccer fans are falling for an e-mail promise of free tickets to the 2006 World Cup finals in Berlin, Germany.The computer worm, known as Sober-N, was identified on Monday, and has been spreading dramatically."Essentially, it is doing classic social engineering," said Gregg Mastoras, a senior security analyst at the anti-virus company Sophos.Sober-N is spreading in both English and German, with the German version disguised as a successful confirmation of a ticket order to the 2006 World Cup, among the biggest sporting events in the world. Computer users are asked to click on an attachment for more information. The English version is not soccer related, instead it implies that there is some problem with the user's e-mail that needs to be addressed, by clicking the attachment.But in either language, that click will instead trigger the worm to harvest all the e-mail addresses on that computer, and send the same message to everyone on it.Sober-N is unlike other computer worms and viruses that carry malicious payloads, capable of stealing passwords or deleting files."The only thing that is going to happen is, it's going to dramatically slow things down on your computer," said Mastoras. "Mailboxes are filling up as we speak, and that may become a productivity issue," he said.MessageLabs, a company that provides managed e-mail security for businesses, reports finding more than 1.1 million copies of the virus destined for its customers. MessageLabs spokeswoman Shelley Driscoll says the virus was filtered before it reached their 11,000 clients worldwide.The mantra that anti virus companies have been chanting for years is applicable to this threat.Computer users should never open e-mail attachments from unknown parties; they should update anti-virus, anti-spam and anti-spyware software on a regular basis, or invest in a program that automatically updates and installs those security programs when new threats are identified.This is not the first time that virus writers have exploited the planet's love of soccer. In 2002 a virus called Chick-F posed as an onscreen scores ticker during the World Cup in South Korea and Japan. And in 1998, a virus called WM97/ZMK-J asked computer users to pick the winners of upcoming matches. A wrong answer triggered a payload that wiped data off the user's hard drive.Who is behind Sober-N?Mastoras says there are two types of virus writers; organized criminals who use "malware" (malicious software) to steal information for financial gain; and the publicity seekers, who want their 15 minutes of fame.He says the creator of Sober-N definitely fits the bragging profile.

If anyone hasn't got a virus checker running I would suggest keeping it running.

If anyone hasn't got a virus checker at all then best visit our 'free useful software sticky' in the Freebie section, there are a few to choose from! Here is one of them [color=blue]>>Details on the Latest Free AVG Anti-Virus v7.0.<<[/color]
Post a comment

    Top Discussions

    Top Merchants