Sober-F email worm spreading via email, users warned to be on their guard by Sophos

Sophos Press Release

Researchers at Sophos, a world leader in protecting businesses against viruses and spam, have warned computer users to be on their guard against a new variant of the Sober email worm which has been sighted in the wild.

The W32/Sober-F worm was spotted over the weekend, spreading via email systems using a variety of subject lines including "Oh my God", "Hi, it's me", "Well, surprise?!" and "Bad Gateway".

Users who launch the attached file invoke the virus, which harvests email addresses it finds on the computer's hard drive. The worm then forwards itself onto the list of email addresses it has discovered, sending itself in the form of a German language message if it determines it is being sent to an German email address.

"This latest incarnation of the Sober worm is capable of clogging up email systems and stealing bandwidth with the number of emails it can generate," said Graham Cluley, senior technology consultant for Sophos. "The fact that this worm appeared over the weekend underlines how vital it is for users to automate their anti-virus updates. All companies should wake up to the importance of filtering dangerous content at the email gateway."

In a sneaky twist the worm can append a message to the bottom of infected emails claiming that it has already been virus scanned, and no malware has been detected.

"The ploy of adding a 'No virus found' message at the bottom of the email is deliberately designed to appeal to those who are too impatient to practise safe computing," continued Cluley.

Sophos recommends companies protect their email with a consolidated solution to thwart the virus and spam threats as well as secure their desktop and servers with automatically updated anti-virus protection.

Più di 100 milioni di utenti in 150 paesi si affidano a Sophos, considerandola la migliore protezione contro minacce complesse e perdita dei dati. Sophos si impegna a fornire soluzioni di protezione completa facili da distribuire, gestire e utilizzare, e che offrano il più basso costo totale di proprietà del settore. Sophos offre soluzioni all'avanguardia per cifratura, sicurezza degli endpoint, Web, e-mail, dispositivi mobili e della rete, grazie al supporto dei SophosLabs: la nostra rete mondiale di centri di prevenzione delle minacce.

Le sedi centrali di Sophos sono situate a Boston, USA, e ad Oxford, Regno Unito.