F-Secure: Sober.K

Discussion in 'malware problems & news' started by Randy_Bell, Feb 21, 2005.

Thread Status:
Not open for further replies.
  1. Randy_Bell

    Randy_Bell Registered Member

    Joined:
    May 24, 2002
    Posts:
    3,004
    Location:
    Santa Clara, CA
    This worm caused a Norton LiveUpdate today, as well as a new TrendMicro official pattern file release and a McAfee "weekly" DATfile release.

    NAME: Sober.K
    ALIAS: W32/Sober.K@mm, Email-Worm.Win32.Sober.k

    Sober.K worm was seeded in e-mails on 21st of February 2005. It is quite similar to the previous variants. Sober.K sends itself as an attachment in e-mail messages with English or German texts.

    See here for the technical details:
    http://www.f-secure.com/v-descs/sober_k.shtml
     
  2. Randy_Bell

    Randy_Bell Registered Member

    Joined:
    May 24, 2002
    Posts:
    3,004
    Location:
    Santa Clara, CA
    Symantec: W32.Sober.K@mm

    W32.Sober.K@mm is a mass-mailing worm that uses its own SMTP engine to send itself to email addresses gathered from a compromised computer. The email will be in either English or German.

    Also Known As: Sober.M [Panda Software], W32/Sober.l@MM [McAfee], WORM_SOBER.K [Trend Micro], W32/Sober-K [Sophos], Sober.K [Computer Associates], Sober.K [F-Secure], W32/Sober.K@mm [Norman].

    http://securityresponse.symantec.com/avcenter/venc/data/w32.sober.k@mm.html
     
  3. Randy_Bell

    Randy_Bell Registered Member

    Joined:
    May 24, 2002
    Posts:
    3,004
    Location:
    Santa Clara, CA
    Last edited: Feb 21, 2005
Loading...
Thread Status:
Not open for further replies.