This is a repost of comments I made on a similar article 12/1: (http://news.com.com/2100-7349-5977650.html)
Making the pre-holiday Sober outbreak even more lethal is the increasingly common tactic whereby virus writers release several variants of the same virus in quick succession to one another. This “rapid release storm” strategy makes traditional antivirus even less effective since virus signature databases must be created, updated, and downloaded by end users with each new variant. At least four variants of Sober were spreading quickly via email across the internet on November 14th. The combination of the virus being an effective mass mailer, being well designed from a social engineering perspective, and the fact that the writer used rapid release storm tactics, allowed this virus to really own the internet for about 48 hours, depending on who you use for antivirus.
I work for GatewayDefender, an anti-spam/anti-virus managed service company. We're seeing McAfee, Symantec and others drop the ball here. We estimate, based on fallout metrics here at GatewayDefender, that this Sober outbreak took a lot of individuals and companies by surprise and that traditional AV simply didn’t get the job done as well as it used to.
Look for these coordinated "rapid release storms" and zero-day exploits to become the norm.
--jmw
http://www.gatewaydefender.com
Story: Clock's ticking on new Sober onslaught |
Sober worm again PeterGooch -- Dec 7 2005, 10:33 PM PST |
Yup T O -- Dec 8 2005, 6:21 AM PST |
Proactive Virus Defense is Needed (repost) tenaciousJk -- Dec 8 2005, 8:14 AM PST |
CNET Networks is not responsible for the content of TalkBack posts submitted by our users.