May 6, 2005 4:11 PM PDT
Sober worm makes a comeback
- Related Stories
-
Sober.P overflow has Web tipsy
May 3, 2005 -
Worm attack forces Reuters IM offline
April 14, 2005 -
Site-blocking worm carries phishing risk
April 11, 2005 -
Fake Microsoft security updates circulate
April 8, 2005 -
International bank HSBC deluged by viruses
April 5, 2005 -
IM threats rising sharply, reports confirm
April 5, 2005 -
E-mail worm graduates to IM
April 4, 2005
Sophos said that the worm accounts for around 77 percent of all virus activity it is seeing. The company said the Sober variant is still spreading, even though large corporations appear to have patched the vulnerabilities that the virus uses to propagate.
"It's lingering around like a nasty smell and spreading in big numbers," said Graham Cluley, senior technology consultant at Sophos. "It's still at the same level in that it's 4.65 percent of all e-mail out there. We can't be sure how many people it's infecting, but we think most big business will be protected."
Sophos reported earlier this week that Sober.P appears to turn off Symantec's antivirus protection and the Microsoft Windows XP firewall, probably as a way of preparing computers to distribute spam and to spread itself wider.
"That's probably why it has become widespread so quickly," Cluley said. "(Virus writers) used spam technology to send it out. Now it's just perpetuating."
Sober.P--which security companies have variously tagged as Sober.N, Sober.O or Sober.S--travels as an attachment in e-mails written in English and German. One of the most widely reported e-mails contains an alluring message stating that the recipient has won free tickets to the 2006 World Cup in Germany, but many other types have also been spotted. Once opened, the virus sends itself to e-mail addresses harvested from the infected machine.
Dan Ilett of ZDNet UK reported from London.
10 comments
Join the conversation! Add your comment (Log in or register)
"These are ONLY affecting Microsoft PC's" !!!!
"Linux and Mac PC's are not affected"
Thanks....
Lets face facts. If the affected users switched to the Mac, virus writers would target the Mac, and easily score. A fool who can't be bothered and is willing to double click anything comming into the inbox on a PC is just as easy a target on anything else.
BFD - there's a fallacy circulating, that if someone is using M$ products, that probably ARE porous, they have security issues. All it takes, is properly security software & hardware & the right settings (no automatic downloads & no automatic running) and things are Hunky Dory.
Sure, M$ have some buggy code - but RULE # 1 - ALL SOFTWARE HAS BUGS. Apple just released a bunch of fixes - apparently not security related, but bugs none the less. There are also issues with Tiger, where it doesn't interact correctly with existing software & where the vendors are having to fix their own software, to deal with Tiger.
So, providing people don't rely on security software that comes with an OS & install & set it up correctly, it IS possible to use buggy applications, like Outlook.