Advanced Heuristics Technology Discovered and Stopped Latest Computer Worm
SAN DIEGO, CA — Eset Software, a leading worldwide provider of antivirus and Internet security software, announced the detection and elimination of the Win32/Sober.D, another of a continuing number of worms and viruses that NOD32 immediately detects using its unique Advanced Heuristics. All NOD32 users were protected against the threat of this worm from the time it was released in the wild.
Win32/Sober.D is a worm spreading via infected e-mails. It disguises itself as a security announcement sent from Microsoft. The worm is ‘bilingual’. If the worm is sent to a German speaking territory (Germany, Austria, Switzerland), the body of the e-mail is in the German language. The English version of the worm contains the text: “Microsoft Alert: Please Read!”. The body of the infected message attempts to cash on a user fear induced by the recent outbreak of the “Mydoom” worm epidemics.
The worm also has a backdoor Trojan capability. By default, the Trojan component listens on port 13468. The infected attachment comes in a form of .exe or zipped attachment. If executed the worm makes changes in the system registry and harvests e-mail addresses found on the infected machine.
Anton Zajac, President of ESET software said: “The only efficient antivirus protection is the one that stops the virus the very instant it hits the networks. Eset’s Advanced Heuristics provided such protection in case of Win32/Sober.D. The focus of Eset development is an aggressive pro-active approach, rather than reactive protection.”
For more information about NOD32 or its Advanced Heuristics please visit www.nod32.com
About Eset Software:
Eset is a privately held software development and research company with offices in San Diego, London, Prague, and Bratislava. Founded in 1992, Eset has focused on developing innovative antivirus software systems. NOD32 has evolved from that development process to be consistently rated as one of the best antivirus products. In fact, NOD32 holds more Virus Bulletin 100% Awards than any other product available.