Sober-N attacks soccer fans

RavenMaster

"It's the oldest trick in the virus writer's handbook.

Promise free stuff and they will click.

Around the world, and especially in Europe, soccer fans are falling for an e-mail promise of free tickets to the 2006 World Cup finals in Berlin, Germany.

The computer worm, known as Sober-N, was identified on Monday, and has been spreading dramatically.

"Essentially, it is doing classic social engineering," said Gregg Mastoras, a senior security analyst at the anti-virus company Sophos.

Sober-N is spreading in both English and German, with the German version disguised as a successful confirmation of a ticket order to the 2006 World Cup, among the biggest sporting events in the world. Computer users are asked to click on an attachment for more information. The English version is not soccer related; instead, it implies that there is some problem with the user's e-mail that needs to be addressed by clicking the attachment.

But in either language, that click will instead trigger the worm to harvest all the e-mail addresses on that computer, and send the same message to everyone on it.

Sober-N is unlike other computer worms and viruses that carry malicious payloads, capable of stealing passwords or deleting files.

"The only thing that is going to happen is, it's going to dramatically slow things down on your computer," said Mastoras. "Mailboxes are filling up as we speak, and that may become a productivity issue," he said.

MessageLabs, a company that provides managed e-mail security for businesses, reports finding more than 1.1 million copies of the virus destined for its customers. MessageLabs spokeswoman Shelley Driscoll says the virus was filtered before it reached their 11,000 clients worldwide.

The mantra that anti-virus companies have been chanting for years is applicable to this threat.

Computer users should never open e-mail attachments from unknown parties; they should update anti-virus, anti-spam and anti-spyware software on a regular basis, or invest in a program that automatically updates and installs those security programs when new threats are identified.

This is not the first time that virus writers have exploited the planet's love of soccer. In 2002 a virus called Chick-F posed as an onscreen scores ticker during the World Cup in South Korea and Japan. And in 1998, a virus called WM97/ZMK-J asked computer users to pick the winners of upcoming matches. A wrong answer triggered a payload that wiped data off the user's hard drive.

Who is behind Sober-N?

Mastoras says there are two types of virus writers: organized criminals who use "malware" (malicious software) to steal information for financial gain, and the publicity seekers, who want their 15 minutes of fame.

He says the creator of Sober-N definitely fits the bragging profile."

source
 
Sober S responsible for 77% of all virus activity on the Internet

"The S variant of the Sober worm is maintaining a high rate of propagation and accounts for almost five percent of total Internet traffic. The virus's capacity to spread is such that it is already responsible for 77 percent of virus activity on the Internet, according to a Sophos report published last Friday.

According to this analysis, the virus has not lost its capacity to spread over the days and remained a threat, continuing to hit various types of users, including in large companies that had already applied security updates, a statement from the security company details.

Recall that Sober.S comes in an attachment to a fake e-mail message, written in English or German, offering tickets to the 2006 football World Cup in Germany. The worm was detected at the beginning of the week and identified as a program designed to disable Symantec's antivirus software and the Windows XP firewall, written with technology normally used to create spam.

This combination of factors leads security companies to believe that the attack is intended to prepare the affected computers to distribute spam, and it also explains the code's high capacity to spread."

source
 