New Sober Variant

Saw this on the SANS diary today:

A new sober variant is making the rounds, spreading surprisingly quickly.
We have received multiple reports, the file name we have seen is our_secret.zip.
Your anti-virus vendor of choice will have named it something interesting, with ‘sober’ somewhere in there.

More info about it can be found here:
http://securityresponse.symantec.com/avcenter/venc/data/w32.sober.o@mm.html

The reason I post this is because the domain we use for e-mail got bombed with this virus today. Everyone with a purfoods.com e-mail address received multiple copies of it. Luckily I have Nod32 installed on all the PCs here in the Nevada office.

They all came from the same Qwest IP address, so I just blocked all e-mails that come from that IP address. Seems to have worked so far.
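The check behind that kind of block, as an added example that is not part of the original post: a Python sketch that tallies the connecting IP of every message carrying our_secret.zip, so a single dominant source stands out. The sample messages, host names and addresses are constructed, and it assumes the topmost Received header is the one your own mail server wrote.

```python
import re
from collections import Counter
from email import message_from_string

SUSPECT_NAME = "our_secret.zip"  # file name reported in the diary entry
# Only the topmost Received header (added by our own server) is trusted here;
# anything below it is supplied by the sender and can be forged.
IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def relay_ip(msg):
    """IP of the host that handed the message to our server, or None."""
    received = msg.get_all("Received") or []
    m = IP_RE.search(received[0]) if received else None
    return m.group(1) if m else None

def has_attachment(msg, name):
    """True if any MIME part carries the given file name (case-insensitive)."""
    return any((part.get_filename() or "").lower() == name.lower()
               for part in msg.walk())

def tally_sources(raw_messages, name=SUSPECT_NAME):
    """Count connecting IPs across messages that carry the suspect attachment."""
    counts = Counter()
    for raw in raw_messages:
        msg = message_from_string(raw)
        if has_attachment(msg, name):
            counts[relay_ip(msg) or "unknown"] += 1
    return counts

def make_sample(ip, filename):
    """Constructed message for the demo; IPs come from documentation ranges."""
    return "\n".join([
        f"Received: from sender.example ([{ip}]) by mx.example.org with ESMTP",
        "From: a@example.com", "MIME-Version: 1.0",
        'Content-Type: multipart/mixed; boundary="b1"', "",
        "--b1", "Content-Type: text/plain", "", "body",
        "--b1", f'Content-Disposition: attachment; filename="{filename}"', "",
        "AAAA", "--b1--", "",
    ])

SAMPLES = [make_sample("192.0.2.10", "our_secret.zip")] * 2 + [
    make_sample("192.0.2.10", "OUR_SECRET.ZIP"),
    make_sample("198.51.100.7", "report.zip"),  # unrelated attachment, ignored
]

if __name__ == "__main__":
    for ip, n in tally_sources(SAMPLES).most_common():
        print(f"{ip}\t{n}")
```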
