Sober.X - Message Labs stops 2.7 million copies

Posted Wed, Nov 23 2005 6:14 by Harry Waldron

  The link below shares a press release of the Sober.Y which continues to generate large quantities of infected email messages.  I personally got 00's of copies and they are still streaming in.   Please be careful with all suspicious emails and never open attachments unless you are absolutely certain they are safe.

MessageLabs Stops Over 2.7 million Copies of New Sober Virus That Spoofs FBI and CIA

November 22, 2005 - 17:00 GMT/ 12:00 ET - MessageLabs has intercepted over 2.7-million copies of a new Sober virus, many of which are being spoofed to appear as though they are sent from the FBI or the CIA.

The first copy was stopped at 19:00 GMT on 21st November. The size of the attack indicates that this is a major offensive, certainly one of
the largest in the last few months.

Email Overview

These emails suggest to recipients that their Internet use has been monitored by the FBI or CIA and that they have accessed illegal Web sites. The email directs users to open the ZIP attachment containing the executable, which once opened delivers the Sober virus payload.

It then spreads by searching the infected computer for other email addresses to send copies of itself to, but ignoring any domains for certain security organizations, including MessageLabs.

Additional Forum Links

My IT Forums: More information on Sober.X

McAfee Forums: More information on Sober.X 

Calendar of Updates: More information on Sober.X

Comments

# Sober.X Worm - Special FBI Warning

Thursday, November 24, 2005 8:28 AM by TrackBack

# Sober.X Worm - Special FBI Warning

Thursday, November 24, 2005 8:30 AM by TrackBack

# Sober.X Worm - Special FBI Warning

Tuesday, November 29, 2005 12:16 AM by TrackBack