- Related Stories
-
Sober worm offshoot lurks behind class photo
October 6, 2005 -
Sober.Q spreads hate messages in German, English
May 16, 2005
The new variants of Sober, a worm that first appeared in 2003, are capable of disabling antivirus programs, according to Finland-based company F-Secure.
Antivirus company Kaspersky Lab said on its Web site that large numbers of infected e-mails have been intercepted. This confirms, according to the company, that the epidemic was caused by spamming. Kaspersky identified the variants as Sober.U, Sober.V, and Sober.W.
Internet security officials in Germany warned Monday of a possible Sober attack. In recent months, Sober has been used in that country to
Sober can hijack a Windows-based computer and force it to send spam e-mails. The continuous e-mailing can lead to overloaded servers and reduced network performance.
Security firms cautioned computer users to be careful when opening attachments. Infected messages may have a random subject line or none at all, Kaspersky said.
But the attachments can be recognized by their names: Exceltab-packed_List.exe, Liste.zip and Reg-List-Dat_Packer2.exe., reg_text.zip Word-Text.zip, Word-Text_packedList.exe and Word-Text_packedList.zip.
The virus creators appeared to taunt security experts with a message left in the code which reads: "Use your debuggers, it's fun."
See more CNET content tagged:
Kaspersky Lab, Sober worm, variant, attachment, antivirus
Second, look at a program called 'DropMyRights' from MS. It allows you to start individual programs at a lower rights level. If some users need to run as admins(for whatever reason), starting all internet facing programs this way works really well.