New Sober worm poses as Microsoft patch

Tuesday, 9 March 2004, 1:54 AM EST

A new virus discovered Monday plays off fears generated by last week's wave of worms by masquerading as a patch from Microsoft that purportedly keeps MyDoom at bay.

Sober.d, also dubbed Roca.a by some security firms, arrives in an e-mail message with a subject that reads “Microsoft Alert: Please Read!” (The worm also comes in a German flavor, with a matching headline of “Microsoft Alarm: Bitte Lesen!”)

The message's text then goes on to urge the recipient to open the attached file, which can arrive either as an executable, or within a password-protected Zip archive. The attachment, claims the message, will protect the user's computer from a new variant of the MyDoom worm, and has other text that tries to pass itself off as coming from Microsoft. (Microsoft never e-mails security updates.)

At Techweb.

[ Read more ]

Related items




Spotlight

USBdriveby: Compromising computers with a $20 microcontroller

Posted on 19 December 2014.  |  Security researcher Samy Kamkar has devised a fast and easy way to compromise an unlocked computer and open a backdoor on it: a simple and cheap ($20) pre-programmed Teensy microcontroller.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, Dec 19th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //