-=PCTechTalk=- Re: Sober Virus
- From: " milady" <kg6ocz@xxxxxxxxxxxxx>
- To: <pctechtalk@xxxxxxxxxxxxx>
- Date: Wed, 23 Nov 2005 05:51:33 -0800
getting at LEAST 10 of these a day...phhhhhhhhht
----- Original Message -----
From: "Mike the mod" <mikebike@xxxxxxxxx>
To: <pctechtalk@xxxxxxxxxxxxx>
Sent: Tuesday, November 22, 2005 5:27 PM
Subject: -=PCTechTalk=- Sober Virus
This press release comes from F-Secure.
Helsinki, Finland - November 22, 2005
New Sober variant becomes the years largest email worm outbreak
F-Secure has been tracking the latest variant of the Sober worm and is now
issuing a Radar Level 1 Alert on it. Level 1 is the highest alert level on
F-Secure's 3-step alerting system. Several millions of infected emails have
been seen by internet operators over the last hours.
One of the reasons why this email worm seems to be so successful in
spreading is that some of the messages it sends are fake warnings
from FBI, CIA or from the German Bundeskriminalamt (BKA).
Examples of such messages include:
Dear Sir/Madam,
We have logged your IP-address on more than 30 illegal Websites.
Please answer our questions!
The list of questions are attached.
Yours faithfully,
Steven Allison
*** Federal Bureau of Investigation -FBI-
Such emails arrive with an attachment, which will infect the computer once
opened.
First Sober was found in October 2003, over two years ago. F-Secure=
believes
all 25 variants of this virus have been written by the same individual,
operating from somewhere in Germany. Unlike most of the other widespread
viruses nowadays, Sober doesn't seem to have a clear financial motive=
behind
it.
Some Sober variants have displayed neo-nazi messages, but the latest=
version
of the virus does not do this. However, all Sober variants send German
messages to German email addresses and English messages to other addresses.
"The numbers we're now seeing with Sober.Y are just huge", comments Mikko
Hypponen, Chief Research Officer at F-Secure Corporation. This is the
largest email worm outbreak of the year - so far!
More in F-Secure blog at:
http://www.f-secure.com/weblog/
Technical information and screenshots of the virus are available at
http://www.f-secure.com/v-descs/sober_y.shtml
McAfee
http://vil.nai.com/vil/content/v_137072.htm
Learn More About Sober.X Online At Secunia:
http://secunia.com/virus_information/23897/
Sophos
http://www.sophos.com/virusinfo/analyses/w32soberz.html
Symantec
http://www.sarc.com/avcenter/venc/data/w32.sober.x@xxxxxxx
FBI's warning on the fake emails at:
http://www.fbi.gov/pressrel/pressrel05/emailscheme112205.htm
F-Secure Corporation
Mikko Hypponen, Chief Research Officer
PL 24
FIN-00181 Helsinki
Gsm +358 400 648 180
http://www.F-Secure.com
-+-+-+-+-+-+-+-+-+-+-+-+-
Mike the mod
--
<Please delete this line and everything below.>
To unsub or change your email settings:
http://www.freelists.org/webpage/pctechtalk
To access our Archives:
http://groups.yahoo.com/group/PCTechTalk/messages/
http://www.freelists.org/archives/pctechtalk/
--
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.1.362 / Virus Database: 267.13.5/177 - Release Date: 11/21/2005
--
<Please delete this line and everything below.>
To unsub or change your email settings:
http://www.freelists.org/webpage/pctechtalk
To access our Archives:
http://groups.yahoo.com/group/PCTechTalk/messages/
http://www.freelists.org/archives/pctechtalk/
- References:
- -=PCTechTalk=- Sober Virus
- From: Mike the mod
Other related posts:
- » -=PCTechTalk=- Re: Sober Virus
- -=PCTechTalk=- Sober Virus
- From: Mike the mod