Tech security companies gave it a midlevel threat warning.
The W32.Sober.i worm, which sends itself as an e-mail attachment to English and German messages, is one of the more serious threats this fall, said security experts.
"It's probably one of the worst cases we've seen in a month or two," said Mikko Hypponen, antivirus research director for F-Secure, which rated the virus as a level 2 on a scale of 1 to 3. "For some reason, this fall has been relatively quiet. This is one of the biggest cases we've had this fall. But compared to the same time last year and earlier this year, it's not that bad."
Like the other Sober viruses, the new version uses its own SMTP engine to send copies of itself to e-mail addresses it finds on infected computers. The infected computers will then later serve as a channel to download programs to unsuspecting users.
The Sober.i virus, featuring an attachment claiming to be naked photos of a blond model, is beginning to spread rapidly around the Internet. A blond, 21-year-old go-go dancer is sending e-mails with naked photos of herself attached and asking for work as model--or so you are led to think by the latest mass-mailing Sober variant to hit the Web.
But unless you live in a German-speaking country, the e-mail is not nearly so exotic. Sober.i is programmed only to send itself with the go-go dancer message to German-language domains, such as those ending in .de (Germany) or .ch (Switzerland).
The virus is also programmed to launch itself at the English-speaking world, but under the subject header of "delivery failure" or "oh god" in the hopes that someone will open an attached .zip file, which unleashes the virus.
"The German version is really interesting," said Graham Cluley, senior technical consultant for tech security company Sophos. "They claim to come from a German 21-year-old go-go dancer with blond hair. She is seeking employment as a model and she says she has attached some naked photos of herself. But of course the photos are the worm."
"In the English version, they don’t seem to be using sex at all. Maybe (the virus writer) thinks that the English aren't as interested in sex as our German cousins," Cluley said. "Perhaps he is making a national judgment about the countries." Sober.i affects systems running Windows XP, 2000, ME, 98, 95, NT and Server 2003.CNET News.com's Dawn Kawamoto reported from San Francisco. Dan Ilett of ZDNet UK reported from London.
A new version of the Sober mass-mailing worm was discovered Friday as it quickly spread through Europe and into the United States.Tech security companies gave it a midlevel threat warning.
The W32.Sober.i worm, which sends itself as an e-mail attachment to English and German messages, is one of the more serious threats this fall, said security experts.
"It's probably one of the worst cases we've seen in a month or two," said Mikko Hypponen, antivirus research director for F-Secure, which rated the virus as a level 2 on a scale of 1 to 3. "For some reason, this fall has been relatively quiet. This is one of the biggest cases we've had this fall. But compared to the same time last year and earlier this year, it's not that bad."
Like the other Sober viruses, the new version uses its own SMTP engine to send copies of itself to e-mail addresses it finds on infected computers. The infected computers will then later serve as a channel to download programs to unsuspecting users.
The Sober.i virus, featuring an attachment claiming to be naked photos of a blond model, is beginning to spread rapidly around the Internet. A blond, 21-year-old go-go dancer is sending e-mails with naked photos of herself attached and asking for work as model--or so you are led to think by the latest mass-mailing Sober variant to hit the Web.
But unless you live in a German-speaking country, the e-mail is not nearly so exotic. Sober.i is programmed only to send itself with the go-go dancer message to German-language domains, such as those ending in .de (Germany) or .ch (Switzerland).
The virus is also programmed to launch itself at the English-speaking world, but under the subject header of "delivery failure" or "oh god" in the hopes that someone will open an attached .zip file, which unleashes the virus.
"The German version is really interesting," said Graham Cluley, senior technical consultant for tech security company Sophos. "They claim to come from a German 21-year-old go-go dancer with blond hair. She is seeking employment as a model and she says she has attached some naked photos of herself. But of course the photos are the worm."
"In the English version, they don’t seem to be using sex at all. Maybe (the virus writer) thinks that the English aren't as interested in sex as our German cousins," Cluley said. "Perhaps he is making a national judgment about the countries." Sober.i affects systems running Windows XP, 2000, ME, 98, 95, NT and Server 2003.CNET News.com's Dawn Kawamoto reported from San Francisco. Dan Ilett of ZDNet UK reported from London.
