Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Sober.I is on the go; Quiet day on the net - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Sober.I is on the go; Quiet day on the net
Sober.I is on the Go


It appears yet another version of Sober is making the rounds on the Net and is building up speed. This version was first reported on November 19th and has grown to what is now being rated severe by the AV software companies. Secunia has now issued an advisory as well.

http://securityresponse.symantec.com/avcenter/venc/data/w32.sober.i@mm.html


http://wtc.trendmicro.com/wtc/summary.asp


http://www.f-secure.com/virus-info/statistics/


http://secunia.com/virus_information/13463/sober.i/


It appears that the emails are being sent in both German and English. They are being transmitted via a built in SMTP engine and contain an attachment. (Of course none of our faithful diary readers open attachments.) Most of the definitions have been available since November 19th and removal tools are available from many of the AV companies.
Quiet Day on the Net


It has definitely been a quiet day. I guess everyone was busy at Grandma's, Aunt Tilly's or wherever they were stuffing themselves on Turkey and Stuffing complete with all of the fixin's. I on the other hand sat quietly guarding the Net(and did a fine job too I might add). I hope everyone enjoyed their football, family and fun.

Beings I am not as clever and creative as some of our other handlers, and can't write any really cool spooky stories, I guess I will just close this with a greeting of:

Happy Thanksgiving to All

Deb Hale
Handler on Duty
Deborah

278 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!