26 Jun 2003
Unzip at your peril - it may be Sobig worm, says Sophos
Sophos's customer support service has received
many reports from businesses attacked by the latest variant of the
Sobig worm. W32/Sobig-E, first seen
25th June, is the fifth variant of the Sobig worm - but varies from
its older siblings as it spreads itself in the form of a ZIP
file.
Even though the user has to unZIP the offending file and launch
its content to become infected, some business networks are still
falling victim to the worm. Sophos advises all businesses to keep
their virus protection up-to-date and educate their users about the
perils of unsolicited code.
"Sobig-E is different from your typical worm as it spreads as a
ZIP file. This means even if a company has a forward-thinking
security policy of blocking executable code - the usual carrier for
email worms - Sobig-E can sneak past and dupe people into running
its code," said Graham Cluley, senior technology consultant for
Sophos Anti-Virus. "The best defence against Sobig-E is to get into
the habit of never running unsolicited code and keep your email
gateway and desktop virus protection up-to-date."
Sobig-E is programmed to fall dormant on 14 July. Indeed nearly
all of the Sobig worms have had limited lifespans. If the virus
writer continues with this pattern, Sophos says it would not be
surprised if a sixth version of the worm were released shortly
after the demise of Sobig-E.
Sophos issued protection against the W32/Sobig-E worm at 16:35
GMT on Wednesday, 25 June 2003.
About Sophos
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.