[87672] in North American Network Operators' Group
Re: Sober Z virus
daemon@ATHENA.MIT.EDU (Fergie)
Tue Jan 3 18:11:44 2006
From: "Fergie" <fergdawg@netzero.net>
Date: Tue, 3 Jan 2006 23:10:33 GMT
To: esavage@digitalrage.org
Cc: nanog@merit.edu
Errors-To: owner-nanog@merit.edu
See:
http://www.f-secure.com/weblog/archives/archive-122005.html#00000729
- ferg
-- Elijah Savage <esavage@digitalrage.org> wrote:
Can anyone confirm this I got this from a security partner of ours.
The source code for the Sober.Z worm, which began infecting computers =
worldwide on Nov. 21, indicates that the author(s) are planning to =
launch another attack on Thursday, Jan. 5 and Friday 6, to coincide with=
=
the 87th anniversary of the founding of the Nazi Party. On these dates,=
=
PCs infected with Sober.Z will be instructed to connect to numerous =
servers to download malicious code that will likely send out German and =
=
English language email hate messages. Uknown Company (my edit)encourages=
=
network administrators to protect themselves by blocking domains =
believed to host the malicious code. These domains are:
http://people.freenet.de/
http://scifi.pages.at/
http://home.pages.at/
http://free.pages.at/
http://home.arcor.de/
-- =
http://www.digitalrage.org/
The Information Technology News Center
--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawg@netzero.net or fergdawg@sbcglobal.net
ferg's tech blog: http://fergdawg.blogspot.com/
