Threat From Sober Variant Grows
Network Associates raises threat level to medium as incidents of the W32/Sober.C worm spread over the weekend.A variant of the Sober mass-mailing worm appears to be gaining more traction as leading security vendors increase their threat levels. Increasing prevalence of the W32/Sober.C worm prompted Network Associates Inc. on Sunday to raise its risk assessment to medium from low. Sober.C is most active in Germany, where e-mail security vendor MessageLabs Inc. said 83 percent of samples had originated. Other security vendors all have rated Sober.Cs threat as low or medium. F-Secure Corp. tagged it a medium threat, ranking it a level 2 threat out of three. Symantec Corp. rated it as a level 2 threat out of five, or a low threat. MessageLabs also consider the risk "low," while saying that it has intercepted a "significant number of copies" of the worm.
Sober.C first appeared on Saturday, and New York-based MessageLabs reported its highest number of interceptions of the worm on Sunday.