New Worm Masquerades as MSFT Patch - Philadelphia Conshohocken Delaware Valley PA USA
Netforcement Header
Spacer Services Security Resources Case Studies About Contact Us

New Worm Masquerades as MSFT Patch

03-09-04


(Philadelphia & Conshohocken, PA)

(Philadelphia & Conshohocken, PA) Courtesy of eWEEK, March 8 ... A new worm purporting to contain a patch to defend against MyDoom is attacking Windows machines throughout Europe and parts of North America. Sober.D appeared Sunday, March 7, and began spreading in Germany and the United Kingdom. The worm arrives in an e-mail message with a subject line of "Microsoft Alert: Please Read!" and carries a sending address with a Microsoft domain. The domain extension on the messages are typically from Germany, Israel, Switzerland or Austria. Many of the samples of the new variant that anti-virus vendors have seen so far have been written in German. The message includes a file attachment that is either an executable or a Zip archive, according to Network Associates Inc. Once installed on a machine, the virus will display a phony error message indicating either that the fake patch has been installed or does not need to be installed on the PC. Sober.D then scours the machine's hard drive for e-mail addresses and begins mailing itself out. Complete Article.





BACK to the Netforcement News Page.

REQUEST MORE INFORMATION On how Netforcement can help you secure the integrity of your network.

 
610.260.9989 | Request Info Privacy & Security Site Map | © 2006 Netforcement   
Footer1
Home Page Customer Login PGP Keys