Experts: Sober time bomb's under control

The Sober attack expected later this week is unlikely to have much effect on company systems, antivirus experts predicted.

As reported last month, machines that were infected by Sober in November have the potential to download malicious code from certain Web sites and then launch a new wave of viruses on Jan. 5 or 6.

But experts from antivirus companies F-Secure, Websense and MessageLabs all agreed on Wednesday that this Sober attack is unlikely to cause many problems, because systems administrators and antivirus companies have had time to prepare for it.

F-Secure raised the possibility that there might not even be an attack, as Internet service providers could block access to the malicious Web sites.

“There might be no attack at all. As everybody knows about the attack, the virus writer may lay low and attack at a later date,” said Mikko Hypponen, director of antivirus research at F-Secure. “The ISPs involved can actively block malicious postings. It’s more likely the attacker will lay low or be blocked rather than succeed.”

Websense agreed that the Sober attack likely won’t have a major effect.

“Sober has been mitigated pretty well. I would be really surprised if there’s still a problem. I don’t see it being a big issue,” said Dan Hubbard, the senior director of security and research at the company.

The worm time bomb is contained in a variant of Sober that hit systems in November, clogging e-mail servers and stalling messages sent to Microsoft’s Hotmail and MSN e-mail services.

Full article: CNET News.com