F-Secure: Sober.K

Discussion in 'malware problems & news' started by Randy_Bell, Feb 21, 2005.

Thread Status:
Not open for further replies.
  1. Randy_Bell

    Randy_Bell Registered Member

    Joined:
    May 24, 2002
    Posts:
    3,004
    Location:
    Santa Clara, CA
    This worm caused a Norton LiveUpdate today, as well as a new TrendMicro official pattern file release and a McAfee "weekly" DATfile release.

    NAME: Sober.K
    ALIAS: W32/Sober.K@mm, Email-Worm.Win32.Sober.k

    Sober.K worm was seeded in e-mails on 21st of February 2005. It is quite similar to the previous variants. Sober.K sends itself as an attachment in e-mail messages with English or German texts.

    See here for the technical details:
    http://www.f-secure.com/v-descs/sober_k.shtml
     
  2. Randy_Bell

    Randy_Bell Registered Member

    Joined:
    May 24, 2002
    Posts:
    3,004
    Location:
    Santa Clara, CA
    Symantec: W32.Sober.K@mm

    W32.Sober.K@mm is a mass-mailing worm that uses its own SMTP engine to send itself to email addresses gathered from a compromised computer. The email will be in either English or German.

    Also Known As: Sober.M [Panda Software], W32/Sober.l@MM [McAfee], WORM_SOBER.K [Trend Micro], W32/Sober-K [Sophos], Sober.K [Computer Associates], Sober.K [F-Secure], W32/Sober.K@mm [Norman].

    http://securityresponse.symantec.com/avcenter/venc/data/w32.sober.k@mm.html
     
  3. Randy_Bell

    Randy_Bell Registered Member

    Joined:
    May 24, 2002
    Posts:
    3,004
    Location:
    Santa Clara, CA
    Last edited: Feb 21, 2005
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.