Welcome to P2PNET.net - The original daily p2p and digital news site. Always First!
Register | Login
RIAA News
Cool Stuff
MPAA News
Games / Consoles
News
Music
Movies
TV
Open Source
Mobiles
Advertising
Product News
P2P
Off Topic
Freedom
Politics
Interviews
Security
DRM
Links
Kids and Kartels
Search: 
Search
 
Web P2PNET   
   Search: 
Search
Torrent Site Tracker
TekSavvy
 
Add real-time p2pnet headlines to YOUR site ! Click here to download our newsfeed code

Return of FBI ‘questions’ worm

p2p news / p2pnet: The Sober FBI ‘questionnaire’ worm is back.

F-Secure puts it at Radar Level 1, its highest warning level, and the FBI has issued a public alert.

In recent months Sober has been dressed up as an email offering free tickets to the soccer world championships, and another version opened a backdoor for a spam engine to bulk email hate messages.

Now Sober Y is on the loose and, “One of the reasons why this email worm seems to be so successful in spreading is that some of the messages it sends are fake warnings from FBI, CIA or from the German Bundeskriminalamt (BKA),” says F-Secure.

For its part, the FBI has issued a warning which says:

“These scam e-mails tell the recipients that their Internet use has been monitored by the FBI and that they have accessed illegal web sites. The e-mails then direct recipients to open an attachment and answer questions.

“The e-mail appears to be sent from the e-mail addresses of mail@fbi.gov, post@fbi.gov and admin@fbi.gov. There may be other similarly styled addresses. The recipient is enticed to open the zip attachment which contains a variant of the w32/sober virus. If the program within the zip attachment is executed then the virus is launched and may affect the user’s computer.”

Says F-Secure, “The numbers we’re now seeing with Sober.Y are just huge. This is the largest email worm outbreak of the year – so far!”

The text reads:

Dear Sir/Madam,
We have logged your IP-address on more than 30 illegal Websites.
Important: Please answer our questions! The list of questions are attached.
Yours faithfully,
Steven Allison
Federal Bureau of Investigation-FBI-

In February, Sober K said:

Dear Sir/Madam,
we have logged your IP-address on more than 40 illegal Websites.
Important: Please answer our questions!
The list of questions are attached.
Yours faithfully,
M. John Stellford
++-++ Federal Bureau of Investigation -FBI-
++-++ 935 Pennsylvania Avenue, NW, Room 2130
++-++ Washington, DC 20535
++-++ (202) 324-3000

“We believe all 25 variants of this virus have been written by the same individual, operating from somewhere in Germany,” says F-Secure. “Unlike most of the other widespread viruses nowadays, Sober doesn’t seem to have a clear financial motive behind it.”

Also read:-
FBI ‘questionnaire’ wormVirus lurks within FBI email, February 23, 2005
F-SecureSober.Y becoming huge, November 22, 2005

This entry was posted on Thursday, November 24th, 2005 at 12:45 pm and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

HOME

Viewed 1503 times

« previous Free movies on Sky broadband
E.Coli turns film star next »

Leave a Reply

Please no Spam, flaming (attacking others), trolling, and posting off-topic. Thanks.

    Advertisements
MP3Rocket


Remove Spyware with AntiSpyware for Windows®