Another Sober Variant Gears Up for Monday Blitz

A report out of the German government indicates that Sober-P is prepared to launch a spam blitz similar to the hate mail sent out by Sober-N-infected machines earlier this week.

By  Michael Hall | May 20, 2005
Print ArticleEmail Article
  • Share on Facebook
  • Share on Twitter
  • Share on LinkedIn

Warnings are beginning to appear that after a drop-off in activity a particularly pervasive virus may be set to reactivate on Monday, possibly repeating its role as a relay for hate spam.

Also on Malware at ENP

  • Sober Becomes Hate Mail Conduit
  • Botnets: Who Really "0wns" Your Computers?
  • Worm Accounts for 5 Percent of E-Mail Traffic
    • According to a warning posted by the German governmental office responsible for IT security (the Bundesamt für Sicherheit in der Informationstechnik, or BSI), an analysis of Sober-P's source code indicates that the virus is set to begin querying sites around the Internet for content to relay.

    As reported on Monday, Sober-N became a conduit for political spam for a nationalist group in Germany after establishing itself as such a nuisance that security firms were crediting it with up to 14 percent of all e-mail traffic flowing over the Internet.

    According to the BSI, Sober variant Sober-P is set to repeat that performance, though the organization couldn't say what form its next blitz might take. The organization also indicated it has taken steps with ISPs to block machines the worm is apparently set to consult for content to relay.

    Published reports also indicate that there's a certain element of random activity in the Sober family, with a sophisticated algorithm found in the worm determining at what times and from which sites it will begin downloading the data it then forwards on as spam.

    mhall@internet.com

    Comment and Contribute
    (Maximum characters: 1200). You have
    characters left.
    Get the Latest Scoop with Enterprise Networking Planet Newsletter
    Helpful Links

    • Yankee Group Mobile WAN Optimization Report

      Mobile work continues to evolve. Your organization must keep up with the demands of its mobile workforce. This report introduces the concept of mobile WAN optimization and provides three case studies including RCM, PRTM and Einstein that highlight how this emerging technology can help IT departments achieve what previously appeared to be conflicting goals. Read >

    • Network Security Resources

      More threats than ever before pose a danger to today's enterprise network. Get the latest tips and intel on the newest risks in our guide to network security resources. Read >

    • Extreme Savings: Cutting Costs with WAN Optimization

      Did you know it's possible to cut IT costs without impacting day-to-day IT operations? In fact, when you download this whitepaper from Riverbed on cost-savings through WAN optimization, you'll discover how businesses of all different sizes have realized a return on investment in just a few months through significant hard cost savings in areas such as bandwidth reduction and IT consolidation. It's called Extreme Savings and its only from Riverbed. Read >