Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2004-11-25 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Sober.I is on the go; Quiet day on the net

Published: 2004-11-25
Last Updated: 2004-11-26 04:12:06 UTC
by Deborah Hale (Version: 1)
0 comment(s)
Sober.I is on the Go


It appears yet another version of Sober is making the rounds on the Net and is building up speed. This version was first reported on November 19th and has grown to what is now being rated severe by the AV software companies. Secunia has now issued an advisory as well.

http://securityresponse.symantec.com/avcenter/venc/data/w32.sober.i@mm.html


http://wtc.trendmicro.com/wtc/summary.asp


http://www.f-secure.com/virus-info/statistics/


http://secunia.com/virus_information/13463/sober.i/


It appears that the emails are being sent in both German and English. They are being transmitted via a built in SMTP engine and contain an attachment. (Of course none of our faithful diary readers open attachments.) Most of the definitions have been available since November 19th and removal tools are available from many of the AV companies.
Quiet Day on the Net


It has definitely been a quiet day. I guess everyone was busy at Grandma's, Aunt Tilly's or wherever they were stuffing themselves on Turkey and Stuffing complete with all of the fixin's. I on the other hand sat quietly guarding the Net(and did a fine job too I might add). I hope everyone enjoyed their football, family and fun.

Beings I am not as clever and creative as some of our other handlers, and can't write any really cool spooky stories, I guess I will just close this with a greeting of:

Happy Thanksgiving to All

Deb Hale
Handler on Duty
Keywords:
0 comment(s)
Diary Archives