New Sober virus circulating
Summary
Topics
The new variants of Sober, a worm that first appeared in 2003, are capable of disabling antivirus programs, according to Finland-based company F-Secure.
Antivirus company Kaspersky Lab said on its Web site that large numbers of infected e-mails have been intercepted. This confirms, according to the company, that the epidemic was caused by spamming. Kaspersky identified the variants as Sober.U, Sober.V, and Sober.W.
Internet security officials in Germany warned Monday of a possible Sober attack. In recent months, Sober has been used in that country to spread right-wing propaganda.
Last month, a variant of the Sober worm was spread as an attachment that claimed to be an old class photo sent by a schoolmate.
Sober can hijack a Windows-based computer and force it to send spam e-mails. The continuous e-mailing can lead to overloaded servers and reduced network performance.
Security firms cautioned computer users to be careful when opening attachments. Infected messages may have a random subject line or none at all, Kaspersky said.
But the attachments can be recognized by their names: Exceltab-packed_List.exe, Liste.zip and Reg-List-Dat_Packer2.exe., reg_text.zipWord-Text.zip, Word-Text_packedList.exe and Word-Text_packedList.zip.
The virus creators appeared to taunt security experts with a message left in the code which reads: "Use your debuggers, it's fun."
Talkback - Tell Us What You Think
The best of ZDNet, delivered
ZDNet Newsletters
Get the best of ZDNet delivered straight to your inbox
Facebook Activity
