News

Sober.I Makes the Rounds

Another version of Sober is getting attention from the major security companies.

Identified primarily as the I variant of Sober, it is a mass-mailing worm with its own SMTP engine. Once it infects a computer, Sober.I harvests e-mail addresses from various files on the computer. Subject e-mail messages generated by Sober are in English or German, and the worm has been spreading primarily in the United States, Germany and Austria.

A user who activates the worm by clicking on the attachment sees a fake error message designed to fool the user into thinking the worm's payload did not run. The error message reads, "WinZip_Data_Module is missing~Error: {2A0DCCF6}."

Security vendor's assessment of the severity of Sophos.I's risk range from a high five-out-of-five rating by Sophos to a four-out-of-seven rating by Network Associates.

The Sober family is a little over a year old, getting its start with a worm that appeared in October 2003.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

Featured

  • Microsoft Adding Google G Suite Migration in Exchange Admin Center

    Microsoft's Exchange Admin Center will be getting the ability to move Google G Suite calendar, contacts and e-mail data over to the Office 365 service "in the coming weeks."

  • Qualcomm Back in Datacenter Fray with AI Chip

    The chip maker joins a crowded field of vendors that are designing silicon for processing AI inference workloads in the datacenter.

  • Microsoft To Ship Surface Hub 2S Conference Device in June

    Microsoft on Wednesday announced a June U.S. ship date for one of its Surface Hub 2S conferencing room products, plus a couple of other product milestones.

  • Kaspersky Lab Nabs Another Windows Zero-Day

    Kaspersky Lab this week described more about a zero-day Windows vulnerability (CVE-2019-0859) that its researchers recently discovered, and how PowerShell was used by the exploit.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.