New Sober threat storms to top of virus table


New Sober threat storms to top of virus table

Antony Savvas

The variant of the Sober virus which emerged last week has proved the most virulent threat of the past month, according to anti-virus company Sophos.

At its peak, the new Sober-Z worm accounted for one in every 13 e-mails sent.

Sophos said the proliferation of Sober-Z has caused Netsky-P, the worm written by German teenager Sven Jaschan, to fall to second position after dominating the number-one spot for the past four months.

The top ten viruses in November were as follows:

  1. Sober-Z 42.9%
  2. Netsky-P 8.1%
  3. Mytob-GH 6.8%
  4. Mytob-EX 4.5%
  5. Zafi-D 4.0%
  6. Mytob-BE 2.3%
  7. Zafi-B 2.1%
  8. Mytob-AS 1.6%
  9. Netsky-D 1.2%
  10. Mytob-C 1.1%
    Others 25.4%

The Sober-Z worm, which accounts for a massive 42.9% of all viruses reported to Sophos, sends itself as an e-mail attachment and attempts to turn off security software on the user's computer.

Once the attached file is run, the worm scans the user's hard drive for e-mail addresses in its search for other computers to infect. The author of the worm has been operating anonymously for more than two years.

Carole Theriault, senior security consultant at Sophos, said, “As this latest worm purports to be a warning from CIA and FBI agents, accusing recipients of visiting illegal websites, you can’t help but wonder whether the author is desperate to be caught. Mocking the feds is a sure-fire way of going about it.”

To reduce threats, Sophos recommends that companies block unwanted executable attachments at their e-mail gateway, to stop them being sent into the organisation.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy