McAfee Raises Risk Level For Sober.k
McAfee AVERT (Anti-virus and Vulnerability Emergency Response Team), the research division of McAfee, has raised the risk assessment to Medium on the recently discovered W32/Sober.k@MM, also known as Sober.k.
Sober.k is a mass mailing threat that contains its own SMTP engine to construct outgoing messages, which are written in German or English. It harvests addresses from local files and then uses the harvested addresses to send itself. This produces a message with a spoofed ‘From’ address.
An attachment comes in the form of a .zip file that contains an executable file inside. The filename contains a dual extension with the first extension being .txt, followed by many spaces and the second extension .PIF.
Users would need to manually extract the executable from the .zip file and manually run the attachment in order to be infected. There is no exploit launching the executable automatically. The importance of the mail is set to “High” (this will only have an effect for certain mail clients).
After being executed, Sober.k copies itself into the Windows system directory using a constructed name from a pool of strings and thus is variable
McAfee recommends that users log on to McAfee Alert Notification to download the 4424 DAT files, so as to prevent infection.
- McAfee Acquires Cloud Security Startup Skyhigh Networks
- ITAM Aims To Reduce Software Spends Of CIOs
- Paying Ransom Makes One More Susceptible To Attack: Report
- McAfee Plans More Investment; Jobs In India
- M&A: Is Security Industry Set For A Paradigm Shift?
- Intel Spins Out McAfee Security Unit in USD 4.2Bn Deal
- Intel Has No Plans To Sell McAfee Business: Jagdish Mahapatra
- Salesforce.com Appoints Trey Ford As Security Head
- 9 Cyber Security Threat Predictions For 2016
- Samsung, Intel Partner To Secure Tizen Smartphone