24 nov. 2005
|
| Genotype technology is built into all Sophos products, proactively defending against new
threats. |
Last updated 29 November 2005 with latest
statistics
Experts at SophosLabs™, Sophos's global
network of virus, spyware and spam analysis centres, are warning
computer users that the new Sober-Z worm is spreading
at such a rate that it now accounts for over 88% of all viruses
reported to Sophos - making it currently the most widespread
computer virus in the world.
Accounting for a staggering one in 13 of all emails travelling
across the internet, the Sober-Z worm sends itself as an email
attachment and attempts to turn off security software on the user's
computer.
The worm lures innocent computer users into opening its infected
attachments using a variety of tricks that include posing as an FBI
or CIA agent with attached questions to be answered, and a phoney
offer of Paris Hilton and Nicole Richie video clips from 'The
Simple Life'. Instead, in the case of every Sober-Z attachment, the
zip file contains a copy of the worm with the filename
File-packed_dataInfo.exe. The worm then scans the user's
hard drive for other email addresses, in its search for other
computers to infect.
Typical email messages sent by the worm can include, but are not
limited to, the following:
From:
<Harvested address>
Subject:
hi, ive a new mail address
Message text:
hey its me, my old address dont work at time. i dont know why?!
in the last days ive got some mails. i' think thaz your mails but
im not sure! plz read and check ...
cyaaaaaaa
Attachment:
mailtext.zip
or
From:
<Harvested address>
Subject:
Paris_Hilton_&_Nicole_Richie
Message text:
The Simple Life:
View Paris Hilton & Nicole Richie video clips , pictures
& more ;)
Download is free until Jan, 2006!
Please use our Download manager.
Attachment:
downloadm.zip
"The sheer rate at which this worm is spreading proves that the
devious tricks used by the worm's creator are working," said
Graham Cluley,
senior technology consultant at Sophos. "This should be a wake up
call to businesses across the globe as to the major level of threat
that viruses pose to IT security. It's absolutely imperative that
all organisations defend their networks from such attacks with a
consolidated solution."
At 00:00 on 6 January 2006, the worm attempts to download
further code from the internet. If no code is downloaded the Sober
worm is programmed to stop replicating via email.
The author of the Sober worm has now been attacking innocent
computer users for more than two years and Sophos is calling for
anyone with information about the author to report it to the
computer crime authorities.
Sophos customers proactively protected against Sober-Z
worm
Sophos's proactive Genotype™ technology was capable of detecting
the Sober-Z worm proactively (naming it as W32/Sober-Gen),
defending customers' computers without requiring an update.
Sophos PureMessage, Sophos's consolidated
email gateway solution which defends businesses against both spam
and viruses, can also block the spam messages sent by the worm.
Sophos strongly recommends companies thwart virus and spam
threats and secure their desktops and servers with automatically
updated anti-virus and anti-spam
protection.
Plus de 100 millions d'utilisateurs dans 150 pays font confiance à Sophos pour leur procurer la meilleure protection contre les menaces complexes et la perte de données. Régulièrement primées, ses solutions intégrées de sécurisation et de protection des informations sont simples à déployer, à administrer et à utiliser, et offrent le coût global de possession le plus avantageux du marché. Elles permettent le chiffrement des données, la protection des systèmes d’extrémité, la sécurisation du Web et de la messagerie et le contrôle d’accès réseau, avec le support permanent des SophosLabs, le réseau mondial de centres d'analyse des menaces de Sophos. Avec une expérience de plus de vingt ans, Sophos est considéré par les firmes d'analystes reconnues comme l'unes des figures de proue du marché en matière de sécurité et de protection de données et s'est vue décerner de nombreuses récompenses.
Les sièges sociaux de Sophos se trouvent à Boston, États-Unis et à Oxford, Royaume-Uni. Pour en savoir plus, visitez notre site www.sophos.fr.