Sophos researchers have warned customers to be wary of a
bilingual bogus Microsoft virus fix, which claims to protect
against the MyDoom worm.
The W32/Roca-A
worm (also known as W32/Sober-D), has already been sighted several
times in the wild, and arrives in the form of an email with the
following characteristics:
Subject line:Microsoft Alert: Please Read!Message text:
New MyDoom Virus Variant Detected!
A new variant of the W32.Mydoom (W32.Novarg) worm spread
rapidly through the Internet. Anti-virus vendor Central Command
claims that 1 in 45 e-mails contains the MyDoom virus. The worm
also has a backdoor Trojan capability. By default, the Trojan
component listens on port 13468.
Protection:
Please download this digitally signed attachment. This Update
includes the functionality of previously released
patches.
+++ 2004 Microsoft Corporation. All rights
reserved.
+++ One Microsoft Way, Redmond, Washington 98052
+++ Restricted Rights at 48 CFR 52.227-19
Attached to the email is a ZIP file, which contains the
W32/Roca-A worm. If the worm determines it is being sent to a
German email address, it presents itself in German language instead
of English.
"As the Sober-C worm has
shown in recent months, viruses which use more than one
language when communicating with users can be more successful at
not raising suspicion," said Graham Cluley, senior technology
consultant for Sophos. "Companies should ensure their anti-virus
software is automatically updated, and screen for dangerous
filetypes at their email perimeter."
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.