1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

WARNING EMAIL VIRUSES

Discussion in 'Computer Security' started by damienj3, Nov 24, 2005.

  1. damienj3

    damienj3 Byte Poster

    191
    2
    34
    Hi all I've been bombarded with emails all containing this WORM_SOBER.AG. Luckly I have had the sense to screen all of these using anti virus. I have a list of addresses and attachments which are sending these.

    hostmaster@bllancs.co.uk (mail.zip and downloadm.zip)
    webmaster@hotmail.com (downloadm.zip)
    webmaster@dsl.pipex.com (reg pass_data.zip)
    office@ex01.nwl.businesslink.co.uk (downloadm.zip)
    cfripp@kio.uk.com (mailtext.zip)
    office@tiscali.co.uk (reg pass_data.zip)
    postmaster@lsc.gov.uk reg pass.zip)
    hostmaster@ex01.nwl.businesslink.co.uk (mailbody.zip)
    hostmaster@blsy.com (downloadm.zip).

    Most of these have say something about Paris Hilton or Your password in the body. Please be aware.
     
    Certifications: mcse
    WIP: MCSE 2003
  2. tripwire45
    Honorary Member

    tripwire45 Zettabyte Poster

    13,493
    179
    287
    Thanks for the "heads up". I believe this is the same worm or variant recorded here:

    http://www.certforums.co.uk/forums/thread7845.html

    I heard Paris Hilton was thrown into the mix.

    EDIT: Also I'm moving this from the Lounge to the Security & Viruses forum since it's more appropriate in that forum. :)
     
    Certifications: A+ and Network+
  3. damienj3

    damienj3 Byte Poster

    191
    2
    34
    Certifications: mcse
    WIP: MCSE 2003
  4. Boycie
    Honorary Member

    Boycie Senior Beer Tester

    6,281
    85
    174
    thanks for the tip off :thumbleft
     
    Certifications: MCSA 2003, MCDST, A+, N+, CTT+, MCT
  5. damienj3

    damienj3 Byte Poster

    191
    2
    34
    not a problem. But if anyone knows how I can block them please let me know.
     
    Certifications: mcse
    WIP: MCSE 2003
  6. Boycie
    Honorary Member

    Boycie Senior Beer Tester

    6,281
    85
    174
    mark the mail as trash..... use your anti-virus software to scan and bin cr@p :thumbleft
     
    Certifications: MCSA 2003, MCDST, A+, N+, CTT+, MCT
  7. The_Geek

    The_Geek Megabyte Poster

    772
    13
    64
    It goes without saying.

    If you don't know who the email is from or didn't request it, don't click on it.
     
    Certifications: CompTIA and Micro$oft
    WIP: PDI+
  8. Jakamoko
    Honorary Member

    Jakamoko On the move again ...

    9,915
    60
    229
    Get a new email address and be more careful about signing up for things with it. Keep a "sign-up" account that you can monitor, but only use for that, and a "cr@p" account specifically for the "yes, I agree to be spammed with every virus there is for a year" offers.

    Common sense - protect your address, and reap the benfits.

    My € :)
     
    Certifications: MCP, A+, Network+
    WIP: Clarity
  9. tripwire45
    Honorary Member

    tripwire45 Zettabyte Poster

    13,493
    179
    287
    I finally got one from someone@cia.gov. Naturally, I sent it back to hell where it came from. :evil
     
    Certifications: A+ and Network+
  10. Bluerinse
    Honorary Member

    Bluerinse Exabyte Poster

    8,871
    167
    256
    So they are after you too Trip :eek:
     
    Certifications: C&G Electronics - MCSA (W2K) MCSE (W2K)
  11. tripwire45
    Honorary Member

    tripwire45 Zettabyte Poster

    13,493
    179
    287
    Yeah...I'd better reinforce my aluminum foil hat to keep them from scanning my brain waves. :tongue

    [​IMG]
     
    Certifications: A+ and Network+
  12. moominboy

    moominboy Gigabyte Poster


    you use aluminium foil?!

    well thats where you're going wrong, my friend!

    it's expensive but lead foil is the business!
     
    Certifications: ECDL
    WIP: A+
  13. Daywarrior

    Daywarrior New Member

    1
    0
    1
    I normally don't get involved in this type of forum, but it has come to my attention that you have posted a few email addresses that are supposable distributing the Sober worm. My concern is that the sober virus is capable of forging the senders email address, so that it looks like it coming from one location and it not.

    If you still have the emails can you look at the header data and confirm the senders. Most of the AV venders are aware of this problem.
     
  14. UCHEEKYMONKEY
    Honorary Member

    UCHEEKYMONKEY R.I.P - gone but never forgotten. Gold Member

    4,140
    58
    214
    Hello Daywarrior

    Might be an idea to check out when this thread was set up!

    November 2005

    I doubt if the address is still valid consider how fast the IT world moves:blink
     
    Certifications: Comptia A+
    WIP: Comptia N+
  15. Baba O'Riley

    Baba O'Riley Gigabyte Poster

    1,760
    23
    99
    Makes us sound kind of seedy.:blink
     
    Certifications: A+, Network+
    WIP: 70-270

Share This Page

Loading...