This sober *FBI/CIA* variant seems to have strike back with the intention to make *news* which it failed to make when it was originally released first time in the month of Feb (2005). I encountered it in the month of Feb and since there were no AV advisories around, I reverse engg it to find out the 'payload' but there were no destructive payload and it was just a mass mailler. A reverse analysis report can be downloaded from the following link - http://www.hackingspirits.com/eth-hac/papers/Fake-FBI-Worm-Analysis.zip
- T (aka D) -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of pingywon Sent: Thursday, November 24, 2005 12:34 AM To: Geo.; full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] Virus infections yes indeed this Sober virus is ramping up pretty quick. Alot of my clients have called me today asking about emails they have received. Here is all the latest info on it. http://vil.mcafeesecurity.com/vil/content/v_137072.htm ~pingywon MCSE _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/