The latest variant of the mass-mailing Sober worm, discovered on Monday, masquerades as an official Microsoft patch for the MyDoom worm. Sober.D is technically similar to its previous incarnation as Sober.C, where it used its own SMTP engine to send copies of itself to e-mail addresses found on infected systems, but the latest version displays fake Microsoft warnings and error messages. “It arrives in an e-mail that pretends to be a patch to protect against a version of MyDoom,” said senior technology consultant Graham Cluley of antivirus company Sophos. “The e-mail appears to be a Microsoft patch so people will of course double-click on that attachment.” Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.