New Sober worm poses as Microsoft patch

Tuesday, 9 March 2004, 1:54 AM EST

A new virus discovered Monday plays off fears generated by last week's wave of worms by masquerading as a patch from Microsoft that purportedly keeps MyDoom at bay.

Sober.d, also dubbed Roca.a by some security firms, arrives in an e-mail message with a subject that reads “Microsoft Alert: Please Read!” (The worm also comes in a German flavor, with a matching headline of “Microsoft Alarm: Bitte Lesen!”)

The message's text then goes on to urge the recipient to open the attached file, which can arrive either as an executable, or within a password-protected Zip archive. The attachment, claims the message, will protect the user's computer from a new variant of the MyDoom worm, and has other text that tries to pass itself off as coming from Microsoft. (Microsoft never e-mails security updates.)

At Techweb.

[ Read more ]

Related items




Spotlight

Biggest ever cyber security exercise in Europe is underway

Posted on 30 October 2014.  |  More than 200 organisations and 400 cyber-security professionals from 29 European countries are testing their readiness to counter cyber-attacks in a day-long simulation, organised by the European Network and Information Security Agency (ENISA).


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 31st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //