Sober Q virus

Discussion in 'malware problems & news' started by Chuck57, May 18, 2005.

Thread Status:
Not open for further replies.
  1. Chuck57

    Chuck57 Registered Member

    Sep 2, 2002
    New Mexico, USA
    I don't know if this new variation has been mentioned here. Didn't see any posts reference it. This was in my email. I only check my mail every couple of days.


    May 16,2005

    I suggest you remove anything that may look like a German e-mail. Just click on any of the links or open them and you may infect your computer.

    We are getting over 120 of these e-mails a day.

    Please read below!
    If you don't know who the e-mail is from do not open it!!!

    Sober Virus Behind German Spam Barrage

    Ryan Naraine - eWEEK Sun May 15,11:26 AM ET

    A new variant of the Sober mass-mailing worm is being blamed for the deluge of German spam messages flooding inboxes this weekend, anti-virus experts warned on Sunday.

    The spam barrage arrives with politically-themed messages in German and contains only links to news articles on German Web sites. Finnish anti-virus vendor F-Secure Corp. said the spam run is being powered by Sober.Q, the latest mutant of a worm that was first spotted in October 2003.

    The latest spam barrage comes just two weeks after Sober.P launched a massive attack by promising tickets to next year's World Cup soccer tournament in Germany. In that attack, the worm spread quickly by harvesting e-mail addresses from infected systems.

    This weekend's spam run does not include executable attachments and resembles the methods used in June 2004 by Sober.H, an earlier variant.

    "I am getting inundated with reports this morning. I think this is the biggest 'Request for Information' ever for us and certainly the busiest Sunday we have had in a while," said Scott Fendley, an incident handler for SANS ISC (Internet Storm Center), a group that monitors malicious Internet activity.

    Fendley told Ziff Davis Internet News the spam attack appears to be linked to the 60th anniversary of the end of World War II. There are several references in the subject lines to the bombing on Dresden in 1945 and other war-related political themes.

    Many of the links point to the homepage of the right-wing extremist National Democratic Party (NPD) in Germany.

    To protect against the spam barrage, businesses are urged to adjust e-mail filters to block the handful of subject lines being used.
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.