On BNET: Online porn struggles for profits
BNET Business Network:
BNET
TechRepublic
ZDNet
112 TalkBacks

By Joris Evers
Posted on ZDNet News: Dec 7, 2005 7:42:00 PM

A new outbreak of Sober may be coming, security experts have warned, even as e-mail systems worldwide work to get rid of the last infestation of the mass-mailing worm.

The next attack is hard-coded in the version of Sober that hit the Net on Nov. 22, iDefense, part of VeriSign, said in a statement Wednesday. Infected machines are set to download instructions and potentially mail out a new wave of Sober e-mails on Jan. 5, the security company said.

That leaves Internet users with less than a month to shore up their defenses against Sober, which was the most prolific worm in 2005, security experts at iDefense said.

"The attack could have a significant detrimental effect on Internet traffic, as e-mail servers are flooded," iDefense said.

The possible outbreak could be stopped, said Mikko Hypponen, chief research officer at Finnish antivirus company F-Secure. The worm is set to download instructions from a number of sites hosted on the systems of free Web space providers. These are located mostly in Germany and Austria, he said.

"These free Web site hosters should be able to block those specific URLs this virus is trying to download from in January, so with any luck nothing will happen," Hypponen said. "There is plenty of time for the Internet service providers and the antivirus people to act."

The latest Sober variant is still causing headaches for e-mail users. Microsoft last week said the load of infected messages is causing an unspecified delay for mail sent to its Hotmail and MSN e-mail services. Sober accounted for almost 40 percent of all the viruses stopped by F-Secure on Wednesday, Hypponen said.

The Sober family of mass-mailing worms appears to be the work of a German speaker or group of German speakers, iDefense said. Nearly 30 variants of the worm have surfaced since October 2003, the company said.

Sober arrives as an e-mail with a malicious attachment. The text of the e-mail can vary and can be either in German or English. Some Sober e-mails have included Nazi propaganda, while others posed as messages from the FBI, the U.K.'s National High-Tech Crime Unit and the CIA.

iDefense believes a Jan. 5 attack may be spreading more Nazi propaganda. The date coincides with the 87th anniversary of the founding of the Nazi party.

SponsoredWhite Papers, Webcasts, and Downloads

  • Talkback
  • Most Recent of 112 Talkback(s)
The best solution yet..!!
Have you guys heard about Pc Guard?
Is a combination of a harware component that works with a piece of software.
Together they form a shield protecting the Hard drive.
If anything goes wrong,... (Read the rest)
Posted by: LuisB Posted on: 12/27/05 You are currently: a Guest | | Terms of Use
Well, do something about it!  CobraA1 | 12/07/05
Ya right  IceTheNet@... | 12/07/05
Sad, but true.  X Marks The Spot | 12/07/05
Geeze... Ignorant horse hockey.  Wolfie2K3 | 12/09/05
1% right  nECrO_z | 12/18/05
I've Had The Security Solution for A Year!  TerryGeorge | 12/07/05
$$$ FOR ANTI VIRUS COMPANIES  JEDROWE | 12/07/05
Your ignorance is showing  techboy_z | 12/08/05
Me Too !!!  IceTheNet@... | 12/07/05
Tell me more  ashdezign | 12/07/05
Thanks For Your Interest  TerryGeorge | 12/08/05
"could simply notify an ISP system" ??? HA HA HA  jrbeaman | 12/08/05
Ha Ha Ha Yourself  TerryGeorge | 12/08/05
Im lmao!!!!!!!  glstorck@... | 12/08/05
Right.  jrbeaman | 12/08/05
You missed the point.  jrbeaman | 12/08/05
You Happen To Be Right On!  TerryGeorge | 12/08/05
So now what  greenjavlin | 12/08/05
A Software Solution Would Be Like Musical Chairs!  TerryGeorge | 12/08/05
Well then..  ArtMac | 12/07/05
I won't have it  Ediseye | 12/07/05
i wont get it  linuxoverwindows | 12/07/05
*YAWN*  mockylock | 12/07/05
Yawn, indeed  Len Rooney | 12/07/05
right.  mockylock | 12/07/05
Thanks Mockylock  Boondocks-Tech | 12/08/05
SO HACK US!  s_gamgee | 12/08/05
Careful what you wish for  nECrO_z | 12/18/05
just a small point  IceTheNet@... | 12/07/05
YE HA!!!!!:D:D  glstorck@... | 12/08/05
NICE SHT MOCKYLOCK!  wildfire20004 | 12/24/05
Nor I...  gfeier | 12/07/05
Nor I...  4lorn | 12/07/05
Nor I...  IceTheNet@... | 12/07/05
Cpt Obvious gets a goldstar by his name  Jeff the god of biscuits | 12/07/05
SO WHAT?  jrbeaman | 12/08/05
Jr, Jr, Jr.....  glstorck@... | 12/08/05
He gave you a solution  lengua99 | 12/09/05
AWRIGHT!  dbrimlow | 12/07/05
well if mcafee is your security  IceTheNet@... | 12/07/05
hmm.. great time to run linux  stelmate | 12/07/05
that is not nice  IceTheNet@... | 12/07/05
You don't understand...  jrbeaman | 12/08/05
No, You don't understand  nECrO_z | 12/18/05
Here's a thought...  billywill | 12/07/05
Bravo....  charlesgoff | 12/07/05
Common sense  X Marks The Spot | 12/07/05
yes it 200x  IceTheNet@... | 12/07/05
Limited, childish solution.  jrbeaman | 12/08/05
WRONG!  nECrO_z | 12/18/05
BILLYWILL IS RIGHT!!! DON'T OPEN THEM!  wildfire20004 | 12/24/05
chuck a patch at the new download servers  mason_fok@... | 12/07/05
do you work for microsoft  IceTheNet@... | 12/07/05
Thats a great idea....  jrbeaman | 12/08/05
Oh no........  glstorck@... | 12/08/05
A way to check  DemonX | 12/07/05
be concerned if you run norton  IceTheNet@... | 12/07/05
be concerned if you run norton  IceTheNet@... | 12/07/05
be concerned if you run norton  IceTheNet@... | 12/07/05
Jan. 5? HOW do 'they' KNOW THAT?!?!?!?!?  btljooz | 12/07/05
Actually, they just  Hugh Jass | 12/07/05
Who Knows What the Future Holds Post-New Year's Doomsday  christopherarchitect | 12/08/05
What are you smoking?  jrbeaman | 12/08/05
Jr.............................................  glstorck@... | 12/08/05
re:Who Knows What the Future Holds Post-New Year's Doomsday  heml0ck | 12/09/05
there's pleny of time...if  IndredKold | 12/23/05
WELL SAID, CHRIS!!!  wildfire20004 | 12/24/05
"Do you think that we'll be ready to Sober up?"~~ZDNet  btljooz | 12/07/05
SOBER UP? After Y2K?  christopherarchitect | 12/08/05
I've contacted Hotmail Plus Support...  Grayson Peddie | 12/08/05
Now that's odd  John Zern | 12/08/05
Hotmail Security?  christopherarchitect | 12/08/05
Big Mistake in Assuming M$ Secure  IceTheNet@... | 12/08/05
"AVG"??  wildfire20004 | 12/24/05
I hope so.  Grayson Peddie | 12/08/05
Thats nice but....  jrbeaman | 12/08/05
OK. More news.  Grayson Peddie | 12/08/05
You have got to be kidding  Shelendrea | 12/08/05
"get out there and educate them." - SORRY!  jrbeaman | 12/08/05
Jr........................  glstorck@... | 12/08/05
But, of course, booger.  jrbeaman | 12/08/05
YOU ARE RIGHT jrbeaman! INTERNET "WAS" SAFE! BEFORE THE WWW OPEN SOURCE!  wildfire20004 | 12/24/05
YOU ARE RIGHT jrbeaman! INTERNET "WAS" SAFE! BEFORE THE WWW OPEN SOURCE!  wildfire20004 | 12/24/05
NICE! Shelendrea!  wildfire20004 | 12/24/05
What are the sites  nospamrh | 12/08/05
NOT QUITE!  jrbeaman | 12/08/05
Lighten up Jr..........  glstorck@... | 12/08/05
Did you miss the point?  jrbeaman | 12/08/05
You do need to lighten up Jr........  Shelendrea | 12/08/05
Your view is too limited.  jrbeaman | 12/10/05
Your view is too limited.  jrbeaman | 12/10/05
The internet is a privilege. Not a right.  osreinstall | 12/12/05
Internet Access IS a Privilege Not A Right  TerryGeorge | 12/12/05
Ah, Self Enforcing  osreinstall | 12/12/05
??? Some Progressive Resolution??  TerryGeorge | 12/09/05
You provide a solution...  jrbeaman | 12/10/05
Thank You For The Vote of Support!  TerryGeorge | 12/10/05
Thank You For The Vote of Support!  TerryGeorge | 12/10/05
Easy virus fix  jackofalltradesmasterofnone | 12/09/05
Childish....  jrbeaman | 12/10/05
DON't WORRY ABOUT THE CLOCK OR SOBER ONSLAUGHT!  fakir005@... | 12/10/05
Hey!! fakir005!  wildfire20004 | 12/24/05
it's been around for ages  jesus_of_suburbia344 | 12/13/05
"Pfishing in US Waters"  TerryGeorge | 12/19/05
"Pfishing in US Waters"  TerryGeorge | 12/19/05
"Pfishing in US Waters"  TerryGeorge | 12/19/05
"Pfishing in US Waters"  TerryGeorge | 12/19/05
Are the ones reading this update the "lucky" ones!?  wildfire20004 | 12/24/05
NORTON!!!  wildfire20004 | 12/24/05
Cells may come in handy!  wildfire20004 | 12/24/05
JAN, 5 ATTACK!!  wildfire20004 | 12/24/05
The best solution yet..!!  LuisB | 12/27/05

What do you think?

advertisement
advertisement

White Papers, Webcasts, and Downloads

Enterprise Applications

  • Check out some of the easiest and most powerful ways to boost productivity while saving money on your application infrastructure. See ZDNet's comprehensive Enterprise Application resource center, now!
  • New Online Dashboard
  • Read about top issues IT decision-makers face every day, plus get cost effective solutions to real life IT problems. Oracle Topline