Sober Z virus

• Previous message (by thread): Sober Z virus
• Next message (by thread): Sprint routing issue
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In message <43BB0108.6050000 at digitalrage.org>, Elijah Savage writes:
>
>Can anyone confirm this I got this from a security partner of ours.
>
>The source code for the Sober.Z worm, which began infecting computers 
>worldwide on Nov. 21,  indicates that the author(s) are planning to 
>launch another attack on Thursday, Jan. 5 and Friday 6, to coincide with 
>the 87th anniversary of the founding of the Nazi Party.  On these dates, 
>PCs infected with Sober.Z will be instructed to connect to numerous 
>servers to download malicious code that will likely send out German and 
>English language email hate messages. Uknown Company (my edit)encourages 
>network administrators to protect themselves by blocking domains 
>believed to host the malicious code.  These domains are:
>http://people.freenet.de/
>http://scifi.pages.at/
>http://home.pages.at/
>http://free.pages.at/
>http://home.arcor.de/
>
>
>
>-- 
>http://www.digitalrage.org/
>The Information Technology News Center
>
Also see http://www.lurhq.com/soberdates.html

		--Steven M. Bellovin, http://www.cs.columbia.edu/~smb

• Previous message (by thread): Sober Z virus
• Next message (by thread): Sprint routing issue
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]