New Sober worm spreads like wildfire

Nick Verhaar
USERS all over the world have recently become the unfortunate recipients of hundreds, and in some cases, thousands of virus infected emails containing new variants of the Sober worm.
Disguising itself as an official warning from either the FBI or CIA, the message goes into detail that the recipient has been looking at illegal websites and should answer some questions saved in the email’s attachment.
Upon launching the attachment your system instantly becomes infected and the Sober worm will scan all local hard disks in an attempt to harvest potential victims’ email accounts.
An infected machine will then proceed to participate in widespread delivery of infected email messages to harvested addresses.
The Sober worm also searches for any Microsoft antispyware or antivirus software operating on the infected machine and automatically disables them upon detection.
Due to the large number of machines that are infected and delivering these spam messages, it is becoming increasingly difficult to block these messages as they’re being sent from so many different hosts.
In many cases the only line of defence is to update spam filters and ensure antivirus definitions are kept up to date.
If you suspect you or a friend may be infected with the Sober worm, it would be a very good idea to either update your antivirus definitions, or run an online virus scanner such as Trend Micro’s HouseCall which is freely available for use at http://housecall.trendmicro.com.
You should also make it a habit to regularly run the Windows Update service to ensure your system is up to date with security and bug fixes.