resource center
  See your link here
|
IDG News Service -
SAN FRANCISCO -- A new version of the Sober e-mail worm started spreading in Europe last week, according to antivirus software vendors, which have given the worm a midlevel threat rating.
By the end of the workday in Europe, the worm had spread to North America and was propagating there as well, said Marius van Oers, an Amsterdam-based antivirus research engineer at McAfee Inc.
The Sober variant is referred to as Sober.j by McAfee and as Sober.i and by F-Secure Corp. and Kaspersky Labs Ltd. This variant is the latest version of a worm that first appeared in October last year.
The new worm sends itself as an attachment to German and English e-mail messages. Infected messages have various subjects and body texts. The worm isn't activated until the recipient opens the attachment.
Once opened, a fake error message is displayed and the worm creates two files in the Windows directory. Like its predecessors, Sober.i spreads by skimming e-mail addresses from victims' computers, then mailing copies of itself to those addresses.
The two files make it harder to manually remove the worm from an infected system, Van Oers said. Both files are loaded in the system's memory, and when one is deleted the other will re-create it, he said. Antivirus software is able to remove the worm, he said.
In spreading, Sober.i adapts its message for German-speaking audiences, inserting a German-language version of its pitch message into e-mail addresses belonging to German domains, such as those ending in .de for Germany, .ch for Switzerland and .at for Austria, F-Secure of Helsinki said in an advisory.
"It appears that the virus originated in Germany," McAfee's Van Oers said.
Sober.i appears to do no damage to users' systems other than replicating itself. The worm does try to download software from a remote location, but that feature didn't work when tested by McAfee, Van Oers said. The worm doesn't install any keystroke loggers or back doors into the user's system.
IDG.net
Share our Strength
Download Now
Key Strategies for Managing Data Growth
What are you storage challenges?
Can Heuristic Technology Help Your Company Fight Viruses?
What is Heuristic Technology and how can it help safeguard your business against viruses? Learn more.
Extending Client Refresh - 11 Steps to Maximize Savings
Register Now!
Eradicate Spam & Gain 100% Asurance of Clean Mailboxes
Get this paper now!
Lower the Cost and Complexity of a Mobile Workforce through Automation
Download This Resource Now!
Mastering eDiscovery: The IT Manager's Guide to Preservation, Protection & Production
Get this paper now!
Managing Mobility: Improve Data Security, Compliance and Manageability
Download This Resource Now!
Not Just Words: Enforce Your Email and Web Acceptable Usage Policies
Get this paper now!
Consolidate Your Servers and Storage to Lower Costs with Oracle Database 11g
Register for this webcast!
Sign up to receive updates on the latest Security resources
CIO
Computerworld
CSO
DEMO
GamePro
Games.net
IDC
IDG
IDG Connect
IDG Knowledge Hub
IDG TechNetwork
IDG Ventures
IDG.net
InfoWorld
ITwhitepapers
ITworld
JavaWorld
LinuxWorld
Macworld
Network World
PC World
The Industry Standard
Copyright © 1994 - 2009 Computerworld Inc. All
rights reserved. Reproduction in whole or in part in any form or medium
without express written permission ofComputerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc. |
