Researchers at Sophos, a world leader in protecting businesses
against viruses and spam, have warned computer users to be on their
guard against a new variant of the Sober email worm which has been
sighted in the wild.
worm was spotted over the weekend, spreading via email systems
using a variety of subject lines including "Oh my God", "Hi, it's
me", "Well, surprise?!" and "Bad Gateway".
Users who launch the attached file invoke the virus, which
harvests email addresses it finds on the computer's hard drive. The
worm then forwards itself onto the list of email addresses it has
discovered, sending itself in the form of a German language message
if it determines it is being sent to an German email address.
"This latest incarnation of the Sober worm is capable of
clogging up email systems and stealing bandwidth with the number of
emails it can generate," said Graham Cluley, senior technology
consultant for Sophos. "The fact that this worm appeared over the
weekend underlines how vital it is for users to automate their
anti-virus updates. All companies should wake up to the importance
of filtering dangerous content at the email gateway."
In a sneaky twist the worm can append a message to the bottom of
infected emails claiming that it has already been virus scanned,
and no malware has been detected.
"The ploy of adding a 'No virus found' message at the bottom of
the email is deliberately designed to appeal to those who are too
impatient to practise safe computing," continued Cluley.
Sophos recommends companies protect their email with a consolidated solution to thwart the virus and
spam threats as well as secure their desktop and servers with
automatically updated anti-virus protection.