Feeds

Sober worm shakes Windows security

It's tin-foil hat time again

  • alert
  • submit to reddit

Remote control for virtualized desktops

A new variant of the Sober email worm series is spreading rapidly across the net. Like previous variants, Sober-N spreads as an infected ZIP attachment to messages written in either German or English.

Infected emails pose as a message from a net user who claims to have received the intended victim's email in error in a bid to fool users into opening an attachment containing malicious code. The worm composes messages with subject lines such as "I've_got your EMail on my_account!" and "FwD: Ich bin's nochmal" with attachments such as your_text.zip (weighing in at 73KB). Sober-N only infects Windows machines.

More than 86,700 emails containing the new Sober-N were sent to UK businesses since the early hours of Tuesday morning, according to email security company BlackSpider Technologies. Most anti-virus vendors rate Sober as a medium-risk worm. Sober-N is the fourteenth incarnation of a worm first seen in October 2003.

Standard defence precautions against viral attacks apply in defending against Sober-N: corporates should consider blocking executables at the gateway and update anti-virus signature definition files to detect the virus. Home users should also update anti-virus tools and resist the temptation to open suspicious-looking emails. ®

Related stories

Sober worm speaks with forked tongue
Beware sober worm bearing gifts
Sober email worm gives Windows users the DTs
FBI issues Sober notice over Windows worm
The strange decline of computer worms (perhaps we spoke too soon)

Choosing a cloud hosting partner with confidence

More from The Register

next story
Knock Knock tool makes a joke of Mac AV
Yes, we know Macs 'don't get viruses', but when they do this code'll spot 'em
Feds seek potential 'second Snowden' gov doc leaker – report
Hang on, Ed wasn't here when we compiled THIS document
Why weasel words might not work for Whisper
CEO suspends editor but privacy questions remain
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
BlackEnergy crimeware coursing through US control systems
US CERT says three flavours of control kit are under attack
prev story

Whitepapers

Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
The hidden costs of self-signed SSL certificates
Exploring the true TCO for self-signed SSL certificates, including a side-by-side comparison of a self-signed architecture versus working with a third-party SSL vendor.