News

Sober.I Makes the Rounds

Another version of Sober is getting attention from the major security companies.

Identified primarily as the I variant of Sober, it is a mass-mailing worm with its own SMTP engine. Once it infects a computer, Sober.I harvests e-mail addresses from various files on the computer. Subject e-mail messages generated by Sober are in English or German, and the worm has been spreading primarily in the United States, Germany and Austria.

A user who activates the worm by clicking on the attachment sees a fake error message designed to fool the user into thinking the worm's payload did not run. The error message reads, "WinZip_Data_Module is missing~Error: {2A0DCCF6}."

Security vendor's assessment of the severity of Sophos.I's risk range from a high five-out-of-five rating by Sophos to a four-out-of-seven rating by Network Associates.

The Sober family is a little over a year old, getting its start with a worm that appeared in October 2003.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

Featured

  • Motherboard Image

    Darktrace Deal To Bring AI Security to Microsoft Products

    Microsoft and security solutions firm Darktrace plan to integrate the latter's AI products with Microsoft Azure, Azure Sentinel and Microsoft Defender for Endpoint.

  • 2021 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.

  • Microsoft Updates Azure Icon, Plans Default Font Change

    Microsoft recently announced a few planned design changes, including a new Azure icon.

  • The 2021 Microsoft Product Roadmap

    From Windows 10X to the next generation of Microsoft's application server products, here are the product milestones coming down the pipeline in 2021.