How To Stop The Sober Worm
Whoever wrote the Sober.P worm is persistent. The worm, which raced around the Internet this week, is the 18th version of a worm that first made it appearance two years ago. This one first surfaced in Western Europe on Monday and began to infect computers, but it fizzled out when it crossed the ocean and hit the United States. Today, security analysts and vendors are helping companies to clean up the mess Sober.P left behind and are reminding businesses how to prevent such worms from causing damage.
This version of Sober offered of tickets for next year’s World Cup soccer championship, taking place in Germany, in an effort to get users to click on an attachment to unleash the worm, which then looked for E-mail addresses so it could send itself to other computers, according to McAfee Security. The worm doesn’t delete information or damage computers. It mainly affects the bottom line because it consumes network bandwidth and requires time and effort to remove it from computers.
While the creators of Sober.P may be persistent, they aren’t very creative, according to security experts. The main change from one version to the next has been the use of different file names for the attachment and different body text in the E-mail, according to Lysa Myers, virus research engineer at the antivirus and vulnerability emergency response team at McAfee. “This is pretty well par for the course for what changes we see between one variant in a family and the next,” she says. “Changing text is much simpler than changing functionality.”