LT   EN   RU  
Monday 20 May 2024 - Independent and informative portal
Register   Login
News subscribe
Subscribe   Unsubscribe
Visits since 2002 09 12 - 70710529
Pages in 40735
  Computers > Computer technologies > Hackers
Lankomumo reitingas Print version Print version
Alert: New Sober variant rapidly spreading

Antivirus vendors reported the discovery of a new Sober variant Friday. Dubbed Sober.I or Sobber.J, the new worm variant was first detected in Western Europe and is rapidly spreading as users fail to heed warnings about opening unexpected e-mail attachments. Secunia rated this latest Sober variant a 'Medium Risk', F-Secure rated it a 2 out of 3, Symantec rated it a 3 out of 5, and other antivirus vendors have give it similar severity ratings.

Sober is a mass-mailing worm with its own SMTP engine. The worm spreads via e-mail messages with a subject line in either German or English. This latest variant's English subject line contains either 'Oh God' or 'Delivery_failure_notice'. The German version's subject line promises nude images of a 21-year-old dancer. Attached to the e-mail is a file with a .bat, .com, .pif, .scr, or .zip extension. The attachment may also have a double extension.

When the user clicks the attachment, the worm runs a fake WinZip error message. The worm copies itself to the system folder using a constructed file name and also generates several other copies under a variety of file names but all with the EXE extension. Sober also creates the Media.dll file and stores any e-mail addresses it can harvest from the infected system in that .dll file, then tries to mail itself to all those addresses. Sober affects all Windows versions except 3.x, but does not attack Macintosh or UNIX/Linux systems.

Sober.I/Sober.J removal instructions and additional information:
Sober - Virus Threat Center
Win32.Sober.I - Computer Associates
Sober.I - F-Secure
Sober.i - Kasperksy
W32/Sober.j@MM - McAfree
Sober.I - Panda
W32/Sober-I - Sophos
W32.Sober.I@mm - Symantec
WORM_SOBER.I - Trend Micro

Lankomumo reitingas

Diskusijos - Discusions

Print version - Print version

Random tags:    Windows (7)    Love (48)    Fencing (2)    Energetics (2)    Guns (11)    Films (10)    Hardware (43)    Travels (2)    Sound systems (10)    Law (11)    Software (11)    Sport (81)    Heathendom (3)    Paintball (10)    Egypt (43)    Dolphins (6)    Cinema (20)    People (56)    UFO (39)    Horoscopes (4)    Hackers (59)    Politics (13)    Operating systems (19)    Pubic Hair Fashion (15)    Literature (24)    Wedding (10)    Tales (13)    Religion (34)    Fantasy (10)    Pedagogics (10)    Cats (14)    Dogs (17)    Communication (38)    Motorcycles (33)    Science (163)    Transport (54)    Buddhism (10)    Programing (13)    Vampire (6)    E - commerce (10)    Art (10)    Philately (8)    Philosophy (2)    Scaners (10)    Automobiles (10)    Narcotics no (13)    Aviculture (2)    Mysticism 2 (3)    Yoga (4)    Ecology (10)
1. Bill Gates and other communists
2. Wi-Fi overtakes Ethernet for home networks
3. Worm plays games with victims
4. McAfee Launches SiteDigger 2.0 - program, which checks sites for their vulnerabilities
5. Troy-horses infects Windows Media files?
6. iWork productivity software targets Microsoft's Office
7. Taiwan police seize 60,000 suspect AMD CPUs
8. IDC: 3 future technologies
9. Windows XP SP2 Firewall shows your files and printers to every Internet user
10. phpBB Attachment Mod: new vulnerabilities discovered
1. Multiple vulnerabilities within PHP <= 4.3.9, PHP5 <= 5.0.2
2. Taiwan police seize 60,000 suspect AMD CPUs
3. Who says safe computing must remain a pipe dream?
4. Bill Gates and other communists
5. phpBB Attachment Mod: new vulnerabilities discovered
6. iWork productivity software targets Microsoft's Office
7. Feds try to take logs from Nmap creator
8. New hacking tool: chocolate
9. McAfee Launches SiteDigger 2.0 - program, which checks sites for their vulnerabilities
10. New Internet domains in the works