Sophos has today warned of a new
computer virus spreading widely across the internet, sometimes
posing as an email from Microsoft's Bill Gates.
The Sobig-C
mass-mailing worm spreads via email - forwarding itself to email
addresses found on the infected computer's hard drive - and network
shares.
When forwarding itself on to other computer users the worm
spoofs the "From:" field either using addresses found on the
computer's hard drive or "bill@microsoft.com".
Infected emails contain subject lines such as "Re: Movie", "Re:
Approved", or "Re: Your application" and contain the message
"Please see the attached file". The worm can use a number of
different attachment names including screensaver.scr, movie.pif and
documents.pif.
"Many users are cautious of EXE and VBS files which arrive in
their inbox, but may not realise that PIF and SCR files are equally
capable of containing viruses," said Graham Cluley, senior
technology consultant for Sophos Anti-Virus. "Businesses should
automatically block all executable code at the email gateway - it's
the easiest way to avoid infection by a brand new email-aware
worm."
W32/Sobig-C is
related to the W32/Sobig-A and W32/Sobig-B worms which
infected many systems earlier this year.
Sophos recommends companies consider blocking all executable
code at their email gateway. It is rarely necessary to allow users
to receive programs via email from the outside world. There is so
little to lose, and so much to gain, simply by blocking all emailed
programs, regardless of whether they contain viruses or not. Users
of Sophos MailMonitor for SMTP can achieve this through its
threat reduction
capability.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.