LT   EN   RU  
Tuesday 1 December 2020 - Independent and informative portal
Register   Login
News subscribe
Subscribe   Unsubscribe
Visits since 2002 09 12 - 67107787
Pages in 40735
  Computers > Computer technologies > Hackers
Lankomumo reitingas Print version Print version
Alert: New Sober variant rapidly spreading

Antivirus vendors reported the discovery of a new Sober variant Friday. Dubbed Sober.I or Sobber.J, the new worm variant was first detected in Western Europe and is rapidly spreading as users fail to heed warnings about opening unexpected e-mail attachments. Secunia rated this latest Sober variant a 'Medium Risk', F-Secure rated it a 2 out of 3, Symantec rated it a 3 out of 5, and other antivirus vendors have give it similar severity ratings.

Sober is a mass-mailing worm with its own SMTP engine. The worm spreads via e-mail messages with a subject line in either German or English. This latest variant's English subject line contains either 'Oh God' or 'Delivery_failure_notice'. The German version's subject line promises nude images of a 21-year-old dancer. Attached to the e-mail is a file with a .bat, .com, .pif, .scr, or .zip extension. The attachment may also have a double extension.

When the user clicks the attachment, the worm runs a fake WinZip error message. The worm copies itself to the system folder using a constructed file name and also generates several other copies under a variety of file names but all with the EXE extension. Sober also creates the Media.dll file and stores any e-mail addresses it can harvest from the infected system in that .dll file, then tries to mail itself to all those addresses. Sober affects all Windows versions except 3.x, but does not attack Macintosh or UNIX/Linux systems.

Sober.I/Sober.J removal instructions and additional information:
Sober - Virus Threat Center
Win32.Sober.I - Computer Associates
Sober.I - F-Secure
Sober.i - Kasperksy
W32/Sober.j@MM - McAfree
Sober.I - Panda
W32/Sober-I - Sophos
W32.Sober.I@mm - Symantec
WORM_SOBER.I - Trend Micro

Lankomumo reitingas

Diskusijos - Discusions

Print version - Print version

Random tags:    Procesors (2)    Mysticism (119)    Chess (10)    Transport (54)    Motorcycles (33)    Science (163)    Energetics (2)    Business (25)    Computers (355)    Guns (11)    Fishing (14)    Aviculture (2)    Biology (66)    SSL certificates (10)    Philately (8)    Programing (13)    Geography (10)    Sport2 (8)    Fencing (2)    Law (11)    Politics (13)    Pedagogics (10)    Monitors (10)    Buddhism (10)    Medicine (5)    Laptops (10)    Gymnastics (9)    Culture (57)    Architecture (2)    Agriculture (17)    Software (11)    S.Valiulis (2)    Operating systems (19)    Ecology (10)    Cryptography (10)    Economics2 (2)    Prose (11)    Art (10)    Linux/Unix (2)    Animals (65)    Films (10)    Pubic Hair Fashion (15)    Printers (12)    Dolphins (6)    Nursing (4)    UFO (39)    Sport gymnastics (9)    Paintball (10)    Skydiving (10)    Mobile communication (9)
1. Bill Gates and other communists
2. Wi-Fi overtakes Ethernet for home networks
3. Worm plays games with victims
4. McAfee Launches SiteDigger 2.0 - program, which checks sites for their vulnerabilities
5. iWork productivity software targets Microsoft's Office
6. Troy-horses infects Windows Media files?
7. Taiwan police seize 60,000 suspect AMD CPUs
8. IDC: 3 future technologies
9. Windows XP SP2 Firewall shows your files and printers to every Internet user
10. phpBB Attachment Mod: new vulnerabilities discovered
1. Multiple vulnerabilities within PHP <= 4.3.9, PHP5 <= 5.0.2
2. Taiwan police seize 60,000 suspect AMD CPUs
3. phpBB Attachment Mod: new vulnerabilities discovered
4. Who says safe computing must remain a pipe dream?
5. Bill Gates and other communists
6. Feds try to take logs from Nmap creator
7. McAfee Launches SiteDigger 2.0 - program, which checks sites for their vulnerabilities
8. New Internet domains in the works
9. Windows XP SP2 Firewall shows your files and printers to every Internet user
10. Kazaa creates worst spyware threat, says CA