I just got an email that said it was from the FBI, and I was visiting "illegal websites," whatever that is. There was an attachment that was supposed to be a questionaire, but I've been hit before with wicked viruses, so I just called the FBI in Washington DC.

All I said to the man was that I got a letter and then he screamed "Get rid of it! It's a virus."

Apparently this thing hit about 5 hours ago and it's a really nasty one. They are working on nailing the scumbags, so I can only hope they put them in with the axe and chainsaw murderers.

You guys have been warned. Be careful out there. The FBI guy said this is a really bad one. So many peiople have been calling that he didn't have time to give me much more info, but he was pretty empathic that this is a genuine threat.

Gee, and most of the e-mail I get from the FBI is completely legit! :rolleyes:

Thanks!


Sandy

http://securityresponse.symantec.com/avcenter/venc/data/w32.sober.k@mm.html

As a former dead guy and suspected torrorist, I can tell you that the FBI dudes have no sense of humor at all.

The worm has been around since Feb, but it took until today for the memo to get approval from all the required departments and be sent to staff. :crap:

Are you talking about yet another sober worm variant or the "zero day" exploit for Internet Explorer?? There is a javascript error within Internet Explorer that can be exploited even if a system is fully patched. There is exploit code available and this could be nasty since it affects patched systems. The "workaround", for the time being, is to disable javascript within IE or use another browser like Firefox. If you really want to geek out and get up to date information then you might want to check out the Internet Storm Center:

http://isc.sans.org/

Most of the guys working there are friends of mine and they live, eat and breathe this stuff. Of course, I do too so I guess I can't say much! : )

Darrin

An update from the FBI:

http://www.fbi.gov/pressrel/pressrel05/emailscheme112205.htm

Washington, D.C. - The FBI is warning the public to avoid falling victim to an on-going mass e-mail scheme wherein computer users received unsolicited e-mails purportedly sent by the FBI. These scam e-mails tell the recipients that their Internet use has been monitored by the FBI and that they have accessed illegal web sites. The e-mails then direct recipients to open an attachment and answer questions.

The e-mail appears to be sent from the e-mail addresses of mail@fbi.gov, post@fib.gov and admin@fbi.gov. There may be other similarly styled addresses. The recipient is enticed to open the zip attachment which contains a variant of the w32/sober virus. If the program within the zip attachment is executed then the virus is launched and my effect the user's computer.

The text of the email is as follows:

Dear Sir/Madam,

We have logged your IP-address on more than 30 illegal Websites.

Important: Please answer our questions! The list of questions are attached.

Yours faithfully,
Steven Allison
Federal Bureau of Investigation-FBI-
935 Pennsylvania Avenue, NW, Room 3220
Washington, DC 20535
Phone: (202) 324-30000

These e-mails did not come from the FBI. Recipients of this or similar solicitations should know that the FBI does not engage in the practice of sending unsolicited e-mails to the public in this manner.

Opening e-mail attachments from an unknown sender is a risky and dangerous endeavor as such attachments frequently contain viruses that can infect the recipient's computer. The FBI strongly encourages computer users not to open such attachments. For detailed information on the effects of running this virus please log onto http://www.cert.org.

The FBI takes this matter seriously and is investigating. While the address and phone number for the FBI is correct in the email, users receiving e-mails of this nature are encouraged to report it to the Internet Crime Complaint Center via http://www.ic3.gov.

Thanks. I sent that link to all my friends.

Man, since these guys are sending those viruses out using what looks like government email addresses, I think we can expect the perpetrators to be looking at some pretty big time.....if there's any justice, that is.

I got one from the CIA last night, looks like they are spreading out.

As of now, about 24 hours after the thing hit, I've gotten six of them from the CIA and FBI, and about another dozen or so from "administrator" and other vague official "sounding sources."

I'm not opening anything until the servers get a grip on this thing.

I got one from the IRS but it was snail mail and
they were looking for their money, spam I say. . .

enough humor, thanks for the warning Doc.

marty

I never get any of these "interesting" emails. I feel left out....yeah, riiight!