Another Sober Worm Spreading Quickly
Another version of the dual-language Sober worm hit the Internet mid-day Monday, and by Tuesday was accounting for a stunning 70 percent of all malicious code traffic according to one anti-virus vendor.Sober.p -- also called Sober.n and Sober.o in the confusing mishmash that's the naming structure of worms and viruses -- is epidemic in Western Europe, said two firms there, Sophos and Kaspersky Labs.
"It's currently running at about 70 percent of all mail traffic, worldwide, but it seems to have plateaued," said Ted Anglace, a senior security analyst in Sophos' Boston office. "It's leveling off."
By packing the worm in an attached .zip file, the writer is hoping to capitalize on some companies' relaxed rules on receiving compressed files. While enterprises regularly filter out other executable file types -- such as .exe and .pif -- because they often harbor malicious code, many still let .zip files through because they're useful in packaging multiple files.
Anti-virus firms released new signatures to detect and delete the new Sober, or in some cases, crowed that their in-place detection technologies spotted the worm without users needing to update.
see also: techweb
posted by What I Write @ Article
0 Comments:
Post a Comment
<< Home