funsec mailing list archives

Re: Upcoming Sober Threat

From: "Fergie" <fergdawg () netzero net>
Date: Wed, 4 Jan 2006 16:23:51 GMT

Todd,

F-Secure just had an update on thei "News from the Lab"
blog this morning:

 http://www.f-secure.com/weblog/archives/archive-012006.html#00000769

- ferg



-- "Todd Towles" <toddtowles () brookshires com> wrote:

Would someone clear this up. They found code in Sober.X (or whatever you want to letter it)...and found code that will 
force it to go to "sites" to download unknown code.
 
Were these sites not hard-coded in the virus? I have seen one report that said they were "dynamic". Anyone has any 
information that is a bit more clear??
 
-Todd


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg () netzero net or fergdawg () sbcglobal net
 ferg's tech blog: http://fergdawg.blogspot.com/



_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

Upcoming Sober Threat Todd Towles (Jan 04)
- Re: Upcoming Sober Threat Security Lists (Jan 04)
- <Possible follow-ups>
- Re: Upcoming Sober Threat Fergie (Jan 04)