Virus writers have created a duo of email worms which pose as pictures of old schoolfriends. The Sober-O and Sober-P worms were bulk mailed to thousands of potential victims overnight in an attempt to seed infection.

Like earlier versions of the Sober worm, the bilingual virus can travel in both English and German language emails. Windows users duped into opening infected attachments will find their machines turned into zombie drones under the control of hackers.

When translated, the German version of the infected email messages contains text referring to a class reunion. English language versions of both worms refer to password changes. The malware sends German versions to email addresses associated with German (.de) and Austrian domains. English language versions go to everyone else.

"It may be flattering to think that someone has taken the trouble to look you up and make contact, but it's a lot less pleasant when you realise it's really a virus writer trying to hijack your computer," said Graham Cluley, senior technology consultant at Sophos. "The success of websites like FriendsReunited and Classmates.com show that many people have used the net to keep in touch with old school friends. The worry is that those targeted will be unable to tell which messages are genuinely from friends, and which ones are designed to cause trouble."

Sober-O uses the same tricks as its predecessor, Sober-N, one of the biggest virus outbreaks of 2005. Sober-N posed as offers for tickets to the 2006 World Cup in Germany. ®

Related stories

• Sober worm plans 5 January attack (8 December 2005)
• FBI warns over Sober worm (22 November 2005)
• Bavarian police have spooky Sober moment (16 November 2005)
• Malware authors up the ante (1 July 2005)
• VXers go phishing with latest MyTob worms (8 June 2005)
• Sober worm tops May viral charts (1 June 2005)
• Sober reloaded (20 May 2005)
• Sober infected PCs spew right-wing 'hate spam' (16 May 2005)
• World Cup worm gives Windows users the willies (3 May 2005)