Feeds

Sober email worm gives Windows users the DTs

Back on the wagon

  • alert
  • submit to reddit

Internet Security Threat Report 2014

A virus which poses as a security fix from an AV firm is the latest menace to assault Windows users.

Sober typically spreads by email. The viral messages it generates have infectious attachment names such as typically anti_virusdoc.pif, check-patch.bat, playme.exe and variable English and German subject lines. A full list can be found in anadvisory from Finnish AV firm F-Secure.

Windows users foolish enough to open the infectious attachments get the pox. On infected machines, the worm makes certain registry changes and installs its own SMTP client to further its spread.

MessageLabs, the email filtering firm, reports that it has blocked the worm more than 3,400 times since its first appearance at the weekend. In three-quarters of the cases , the Sober worm came from Germany.

Most AV vendors rate the virus as low to medium risk.

Standard defence precautions against viral attacks apply: corporates should consider blocking executables at the gateway and update AV signature definition files to detect the virus. Home users should also update AV tools and resist the temptation to open suspicious looking emails. The use of free spam-nuking tools, such as Spam Assassin, can help. ®

Internet Security Threat Report 2014

More from The Register

next story
Webcam hacker pervs in MASS HOME INVASION
You thought you were all alone? Nope – change your password, says ICO
You really need to do some tech support for Aunty Agnes
Free anti-virus software, expires, stops updating and p0wns the world
Meet OneRNG: a fully-open entropy generator for a paranoid age
Kiwis to seek random investors for crowd-funded randomiser
USB coding anarchy: Consider all sticks licked
Thumb drive design ruled by almighty buck
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
Attack reveals 81 percent of Tor users but admins call for calm
Cisco Netflow a handy tool for cheapskate attackers
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.