Sober.Y - Medium Risk at most sites

Welcome Guest ( Log In | Register )

Calendar Of Updates > Library: Information Resources & Product News > Security Information Center > Alerts

Register a free account to use forum features

Welcome to Calendar of Updates forums! Guest can view some contents but cannot use many forum features (example: create a new topic, post in existing topic, subscribe to receive email notification on new post, create a blog, send a private message, earn CoU-dos), please register a free account now to unlock this features that are available to registered members only.

Sober.Y - Medium Risk at most sites, includes a false FBI warning message

Options

harrywaldron View Member Profile	Nov 22 2005, 01:04 PM Post #1
Microsoft MVP - Security Group: Admin - Forum Posts: 645 Calendar Posts: 4 Joined: 20-April 04 From: Roanoke Virginia Member No.: 609	KoanYorel shared a good early warning in this thread Trend, F-Secure, Panda and other security sites have declared a MEDIUM RISK for this new version of the Sober email worm. Sober.Y - Medium Risk at most sites (false FBI warning) http://secunia.com/virus_information/22237/sober.y/ http://www.f-secure.com/v-descs/sober_y.shtml http://www.trendmicro.com/vinfo/virusencyc...RM%5FSOBER%2EAG http://www.f-secure.com/weblog/archives/ar...5.html#00000711 Like the previous variants, this one sends itself inside a ZIP archive as an attachment in e-mail messages with English or German texts. MESSAGES TO BLOCK OR AVOID Subject: Your new Password Message: Your password was successfully changed! Please see the attached file for detailed information Attachments: PWORD_CHANGE.ZIP Also contains a False FBI warning:

harrywaldron View Member Profile	Nov 22 2005, 02:51 PM Post #2
Microsoft MVP - Security Group: Admin - Forum Posts: 645 Calendar Posts: 4 Joined: 20-April 04 From: Roanoke Virginia Member No.: 609	McAfee information http://secunia.com/virus_information/23836/sobermmm681/ http://vil.nai.com/vil/content/v_137072.htm Symantec rates as MEDIUM RISK http://securityresponse.symantec.com/avcen...sober.x@mm.html P.S. I have over 100 copies in my SPAM folder so this one is out there.

Donna View Member Profile View Member Blog	Nov 23 2005, 05:52 AM Post #3
Solar Group: Admin - Site Posts: 12028 Calendar Posts: 8745 Joined: 11-October 03 From: Macau Member No.: 1	Thanks for the above Harry Yup, it's out there It's good that most free webmail services is scanning the attachments of the messages and they do not allow user's to download the file. We know some beginners who are not aware of the risk of downloading the files are at risk (curiosity is sometimes the reason why they will download and open an attachment). Hopefully user's who opted to retrieve their messages into their HD has the protection. Below are screenshots of the 2 email messages that I received (sent to my hotmail account):

harrywaldron View Member Profile	Nov 23 2005, 03:45 PM Post #4
Microsoft MVP - Security Group: Admin - Forum Posts: 645 Calendar Posts: 4 Joined: 20-April 04 From: Roanoke Virginia Member No.: 609	Secunia declares HIGH RISK

« Next Oldest · Alerts · Next Newest »

Display Mode: Standard · Switch to: Linear+ · Switch to: Outline

Track this topic · Email this topic · Print this topic · Subscribe to this forum

Lo-Fi Version

Time is now: 22nd November 2008 - 05:27 AM

Licensed to: Dozleng, LLC
Disclaimer: While CalendarOfUpdates.com uses reasonable efforts to include accurate and up-to-date information, we make no warranties or representations as to the accuracy of the content and assume no liability or responsibility for any error or omission in the content. CalendarofUpdates.com does not represent or warrant that use of any content will not infringe rights of third parties. CalendarOfUpdates.com has no responsibility for actions of third parties or for content provided or posted by others.
All services are subject to the Terms of Service.
Except where otherwise stated, all content Copyright © 2003 - 2008 Dozleng, LLC