Results 1 to 7 of 7

Thread: Nazi Sober worm: January 5th

  1. #1
    Senior Member
    Join Date
    Dec 2004
    Posts
    3,171

    Nazi Sober worm: January 5th

    Security outfit iDefense is reporting that the next Sober worm attack will take place on 5 January - the 87th anniversary of the founding of the Nazi party.

    The information has been gleaned from breaking encrypted code in the latest version of Sober which dominated the November anti-virus ratings. According to iDefense, "the November 22 variant is designed to download an unknown payload of code on January 5, 2006".

    As we reported last month, Sober accounted for "one in every 13 emails sent and 42.9 per cent of all viruses reported to Sophos" in the November threat chart. The last variant was delivered as an email attachment to messages - either in German or English - allegedly emanating from police agencies warning users they are under investigation for visiting illegal websites.

    Once the attached file is run, the worm "scans the user's hard drive for email addresses, in its search for fresh targets for infestation". It also tries to disable security software on infected Windows PCs.

    Regarding the apparently political timing of the next expected assault, Joe Payne, vice president, VeriSign iDefense Security Intelligence Services, said: "This discovery emphasizes the ever-present and often underestimated threat of 'hacktivism' - combining malicious code with political causes. Exposing this latest variant required technical and geopolitical analysis that connected the dots to give enterprises and home users plenty of time to shore up their defenses."
    http://www.theregister.co.uk/2005/12/08/sober_attack/
    Sober worm plans 5 January attack | The Register

    The Stormtroopers are coming...close those gates and prepare those defenses.

  2. #2
    allegedly emanating from police agencies warning users they are under investigation for visiting illegal websites.
    Sounds a lot like the fake emails i recieved, but the attachement in the .Zip file were useless from what i've been told..

    But still i can imagine come 5th of january {My Birthday} there's gonna be some hell for those unpatched/secured box's around the world..

    front2back

  3. #3
    Senior Member
    Join Date
    Dec 2004
    Posts
    3,171
    Hi f2b,

    I remember reading that thread of yours...that part sounds very similiar to the problem you had.

    As for this: they don't expect this to be much of a threat because people have been warned early enough to prevent infection...so...the only ones who will suffer will be those who don't read the alerts or those too stupid to care.

    Eg

  4. #4
    They call me the Hunted foxyloxley's Avatar
    Join Date
    Nov 2003
    Location
    3rd Rock from Sun
    Posts
    2,534
    the only ones who will suffer will be those who don't read the alerts or those too stupid to care.
    So that's like, only how many millions

    I fear that one day soon, it will all come crashing down, and it will be one of these little 84574rd5 what does it
    so now I'm in my SIXTIES FFS
    WTAF, how did that happen, so no more alterations to the sig, it will remain as is now

    Beware of Geeks bearing GIF's
    come and waste the day :P at The Taz Zone

  5. #5
    so...the only ones who will suffer will be those who don't read the alerts or those too stupid to care.
    But even so you are going to get those that are ignorant to the fact that they might be being used as a host for this worm/bug/virrii and just don't care, or understand the severity of the situation.
    Unfortunatly there is a sucker born every 5 seconds and there the ones whom are helping this bug along.
    Well that's how i see this whole situation.

    front2back.

  6. #6
    Senior Member DakX's Avatar
    Join Date
    Jul 2005
    Posts
    128
    5th of january is indeed going to be hell for a lot of people who don't have there box security up to date. I wonder if the worm is advanced enough to get the date from somewhere else then the local computer that it has infected. If not why not set the date to the back a few months and wait for the tool to be produced. My guess that it won't work but its a fun solution. Maybe just unpluging your connection or getting on of these Hacker stop things . (Just my way of saying that the world is full of idiots)
    [T]he future is now.

  7. #7
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    /off topic but slightly amusing?

    the 87th anniversary of the founding of the Nazi party.
    Two days ago (OK three or four..........depends on your time zone?) the British Conservative Party "elected" a new leader..............

    How come it was only 48 hours before his begging letter came through my mailbox?.............

    It had better be a decent Christmas card this year! or there will be trouble?

    Not that I am cynical or anything.................but why does it take a national government a week to respond to a disaster (not even in your own country!) and only 48 hours for a political party to be on the scrounge for funds?

    Ack! phttt!


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •