A new computer virus that has infected scores of computers worldwide has been detected, the NOD 32 company said on Wednesday.
CEO Justin Stanford said the virus, the Sober.O worm, was first detected on Tuesday and has been spreading rapidly via e-mail.
”Over 100 000 infected samples have been collected in the last 24 hours, marking this as the worst virus onslaught of the year,” said Stanford.
”Sober.O uses its own SMTP engine to spread through e-mail and create outgoing messages from a spoofed sender’s address that may use the words ‘admin’, ‘info’, ‘postmaster’ and ‘web master’,” he added.
He said subject lines for these infected e-mails include a password or registration confirmation, or notifications of blocked e-mails and mailing errors.
The virus has rapidly risen to the number-two spot and continues to climb, he said.
Stanford said when the e-mail attachment in the infected message is opened, Sober.O collects e-mail addresses from local files and then uses the addresses to send itself out to other computers.
”It will also attempt to delete many files on the system. Once a computer is infected, the virus locks the files in the system’s memory so that they cannot be easily detected or removed by antivirus products,” he said.
For this reason, it is important to detect the virus in a proactive way even before a signature update has been created, he adds.
He said Sober.O also seeks and destroys files in the registry, which could disable many anti-virus files and firewall programs. — Sapa