By Dan Ilett, 20 April 2005 10:30
NEWS Virus writers have resurrected the Sober worm with a new variant that is spreading quickly over the internet.
Security experts said on Tuesday that the worm, dubbed Sober.M, reports email addresses of victims back to its anonymous author a technique known as harvesting. Spammers typically buy these fresh addresses to add to their lists of email recipients.
The email containing the worm is written in bad English with the subject line: "I've_got your E-mail on my_account!"
"It looks like the virus writer is deliberately using broken English to [convince] people the email is not a virus," said Graham Cluley, senior technology consultant at antivirus company Sophos, in a statement.
Sophos said that the new Sober variant was the fifth most reported virus over the last 24 hours, closely followed by versions of Zafi and Netsky. It's thought that all the major antivirus companies are now offering protection against the worm, so users should update their virus protection.
Sober.M is a mass emailing virus that spreads as a .zip file attachment and affects systems running Microsoft Windows. The email containing the worm sends itself in German or English language. The English version of the email is below.
Subject line: I've_got your E-mail on my_account!
Message text:
Hello,
First, Very Sorry for my bad English.
Someone is sending your private e-mails on my address.
It's probably an e-mail provider error!
At time, I've got over 10 mails on my account, but the recipient are you. I have copied all the mail text in the windows text-editor for you & zipped then. Make sure, that this mails don't come in my mail-box again. bye
Attached file: your_text.zip
Dan Ilett writes for ZDNet UK.
In order to post a comment you need to be registered and logged in.
Log in or create your silicon.com account below