nanog mailing list archives
Re: Sober Z virus
From: Elijah Savage <esavage () digitalrage org>
Date: Tue, 03 Jan 2006 18:16:53 -0500
Fergie wrote:
Thank you I always forget about f secure and they did not post as musch info on symantecs site or I missed it some how.See: http://www.f-secure.com/weblog/archives/archive-122005.html#00000729 - ferg -- Elijah Savage <esavage () digitalrage org> wrote: Can anyone confirm this I got this from a security partner of ours.The source code for the Sober.Z worm, which began infecting computers worldwide on Nov. 21, indicates that the author(s) are planning to launch another attack on Thursday, Jan. 5 and Friday 6, to coincide with the 87th anniversary of the founding of the Nazi Party. On these dates, PCs infected with Sober.Z will be instructed to connect to numerous servers to download malicious code that will likely send out German and English language email hate messages. Uknown Company (my edit)encourages network administrators to protect themselves by blocking domains believed to host the malicious code. These domains are:http://people.freenet.de/ http://scifi.pages.at/ http://home.pages.at/ http://free.pages.at/ http://home.arcor.de/
-- http://www.digitalrage.org/ The Information Technology News Center
Current thread:
- Sober Z virus Elijah Savage (Jan 03)
- Re: Sober Z virus Steven M. Bellovin (Jan 03)
- <Possible follow-ups>
- Re: Sober Z virus Fergie (Jan 03)
- Re: Sober Z virus Elijah Savage (Jan 03)
- Re: Sober Z virus goemon (Jan 03)
- Re: Sober Z virus Steve Sobol (Jan 04)