Options
Sober worm on the loose
A new virus called 'Sober' has been predicted to cause a few headaches over the next few days, with its primary form of transport being by email. The virus is apparently hidden in a HTML email so just viewing the email could set the virus loose.
[blockquote]The Sober worm, spotted in the last 12 hours, is a traditional attachment-based piece of malware that uses social engineering to trick people into activating its payload.
"...Sober worm has been around for a few hours and we've seen several reports of infections. It surfaced about midnight and is spreading through email systems as people log on and start checking their mail."
Sober arrives as an email in English or German with the payload coming as an attachment. It uses a wide variety of headers, promising that the attachment contains everything from pornography to an antivirus patch.
Once activated the malware installs itself as 'drv.exe', 'similare.exe' or 'systemchk.exe'. It then mails itself to any found addresses using its own SMTP engine. The outgoing emails have spoofed headers, which makes backtracking the virus source more difficult.
[/blockquote]
More information on the 'Sober' worm can be found [link=http://www.symantec.com/avcenter/venc/data/w32.sober@mm.html]here[/link].
[blockquote]The Sober worm, spotted in the last 12 hours, is a traditional attachment-based piece of malware that uses social engineering to trick people into activating its payload.
"...Sober worm has been around for a few hours and we've seen several reports of infections. It surfaced about midnight and is spreading through email systems as people log on and start checking their mail."
Sober arrives as an email in English or German with the payload coming as an attachment. It uses a wide variety of headers, promising that the attachment contains everything from pornography to an antivirus patch.
Once activated the malware installs itself as 'drv.exe', 'similare.exe' or 'systemchk.exe'. It then mails itself to any found addresses using its own SMTP engine. The outgoing emails have spoofed headers, which makes backtracking the virus source more difficult.
[/blockquote]
More information on the 'Sober' worm can be found [link=http://www.symantec.com/avcenter/venc/data/w32.sober@mm.html]here[/link].
0