Clusterheadaches.com Message Board (http://www.clusterheadaches.com/cgi-bin/yabb/YaBB.cgi)
(Message started by: Svenn on May 4th, 2005, 7:57pm)

Title: WARNING---W32/Sober.p@MM
Post by Svenn on May 4th, 2005, 7:57pm
What is it?
Another variant of the Sober virus, W32/Sober.p@MM is a Medium Risk mass-mailing worm hiding inside an email attachment. When run, the worm displays a fake error message, infects the host computer and sends itself to the email addresses that are harvested from the infected machine. Like many Sober variants, this variant uses several different email messages randomly, in either English or German depending on the version of Windows.


What should I look for?

FROM: Varies (forged addresses taken from infected system)
SUBJECT: Examples:
    English: Your Password
    German: WM-Ticket-Auslosung
BODY: Examples:
    English: Account and Password Information are attached!
    German: Herzlichen Glueckwunsch, beim Run auf die begehrten Tickets für die 64 Spiele der Weltmeisterschaft 2006 in Deutschland sind Sie dabei.
ATTACHMENT: account_info.zip, autoemail-text.zip, LOL.zip, Fifa_Info-Text.zip, mail_info.zip, okTicket-info.zip, our_secret.zip, _PassWort-Info.zip


How do I know if I've been infected?
When the ZIP archive is extracted and the contained PIF file is manually executed, the virus may display a fake error message which reads "Error: CRC not complete".



How do I find out more?

View details about W32/Sober.p@MM here: http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=133409&cid=14461


You know what to do folks

Svenn
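
A mail-filter check built from the indicators listed in the post above (subjects, ZIP attachment names, a PIF file inside the ZIP). This is an added example, not part of the original post or the advisory it quotes; the function names, the extra extensions in RUNNABLE_EXT, the example.com addresses and the sample file names are assumptions made for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Attachment names and subjects listed in the post above.
SOBER_P_ZIPS = {n.lower() for n in (
    "account_info.zip", "autoemail-text.zip", "LOL.zip", "Fifa_Info-Text.zip",
    "mail_info.zip", "okTicket-info.zip", "our_secret.zip", "_PassWort-Info.zip")}
SOBER_P_SUBJECTS = {"your password", "wm-ticket-auslosung"}
# Assumption: extensions Windows runs directly; the post itself only names PIF.
RUNNABLE_EXT = (".pif", ".exe", ".scr", ".com", ".bat")

def scan_message(raw: bytes) -> list[str]:
    """Return the reasons a raw RFC 5322 message matches the description."""
    msg = message_from_bytes(raw, policy=policy.default)
    reasons = []
    if (msg["Subject"] or "").strip().lower() in SOBER_P_SUBJECTS:
        reasons.append("subject")
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if name in SOBER_P_ZIPS:
            reasons.append(f"attachment-name:{name}")
        if not name.endswith(".zip"):
            continue
        try:  # list the archive in memory; nothing is extracted to disk
            with zipfile.ZipFile(io.BytesIO(part.get_payload(decode=True) or b"")) as zf:
                members = zf.namelist()
        except zipfile.BadZipFile:
            reasons.append(f"unreadable-zip:{name}")
            continue
        reasons += [f"runnable-in-zip:{m}" for m in members
                    if m.lower().endswith(RUNNABLE_EXT)]
    return reasons

def build_sample(subject: str, zip_name: str, member: str) -> bytes:
    """Constructed test message; the archive member is harmless text."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member, "harmless placeholder")
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = "a@example.com", "b@example.com", subject
    msg.set_content("Account and Password Information are attached!")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename=zip_name)
    return msg.as_bytes()

if __name__ == "__main__":
    print(scan_message(build_sample("Your Password", "account_info.zip", "sample.pif")))
```

The runnable-file-inside-ZIP rule is the one that keeps working when the subject or archive name changes, since the sender address is forged and the names vary between messages.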

Title: Re: WARNING---W32/Sober.p@MM
Post by Jonny on May 4th, 2005, 8:12pm
If you don't know who sent it... don't open it  ;)

Night Night ;;D

Title: Re: WARNING---W32/Sober.p@MM
Post by Charlie on May 4th, 2005, 8:18pm
Thanks Svenn.

Yikes. They're really out in force today. Getting lots of warnings but I even check them first.

Charlie

Title: Re: WARNING---W32/Sober.p@MM
Post by Gator on May 4th, 2005, 9:43pm

on 05/04/05 at 20:12:20, Jonny wrote:
If you don't know who sent it... don't open it  ;)

Night Night ;;D



Even if you do know the person who sent it, be careful.  That person's infected computer may be sending you a virus without his/her knowledge.


Title: Re: WARNING---W32/Sober.p@MM
Post by Opus on May 5th, 2005, 12:13am

on 05/04/05 at 19:57:47, Svenn wrote:
W32/Sober.p@MM is a Medium Risk mass-mailing worm hiding inside an email attachment.

What a contradiction in terms. By definition (http://www.webopedia.com/DidYouKnow/Internet/2004/virus.asp), a Worm is Malware that doesn't need to be clicked on to infect and spread. There really are no mass mailing worms since they would have to infect without even being read.

These Viruses must know I use Linux, I never seem to get them anymore, but my wife still does.

Opus/Paul [smiley=smokin.gif]

Title: Re: WARNING---W32/Sober.p@MM
Post by ExplodingEyeBall on May 5th, 2005, 9:51am

on 05/04/05 at 20:12:20, Jonny wrote:
If you don't know who sent it... don't open it  ;)

Night Night ;;D


If you weren't expecting it and it came from someone you know, call them and ask about it before you open it.

If you don't know the sender, delete it.

Title: Re: WARNING---W32/Sober.p@MM
Post by nani on May 5th, 2005, 9:53am
I've probably gotten another 50 of them since yesterday. The attachment size is 73KB and they come from all kinds of "official" looking addresses.

Title: Re: WARNING---W32/Sober.p@MM
Post by sandie99 on May 5th, 2005, 9:58am
Thanks for the warning!  :)

Title: Re: WARNING---W32/Sober.p@MM
Post by Kirk on May 5th, 2005, 12:41pm
[smiley=smartass2.gif]


