FBI warns of virus on fraudulently addressed e-mail

Posted on Nov 23 2005

Beginning Nov. 21, 2005, Federal Bureau of Investigation field offices across the country were swamped, within a two-hour period, with complaint calls from recipients of a fraudulently addressed e-mail.

According to Charles L. Goodwin, FBI Special Agent in Charge in Honolulu, Hawaii, the e-mail purported to come from the FBI, using forged sender addresses such as department@fbi.gov and mail@fbi.gov. The messages carried an attachment named “question list.zip.” A preliminary investigation indicated that the attachment contained malicious code identified as W32/Sober.gen@MM.

McAfee anti-virus software detects the malware as W32/Sober.gen@MM. The “.gen” suffix in the detection name means the scanner recognized the sample as a member of the W32/Sober family through generic signatures but could not match it to a specific, already-catalogued variant. This is usually the case when a new, not yet characterized, variant appears.

Preliminary analysis shows that on execution the malware carries out the following actions:

– Produces a pop-up window that looks like an error message containing the text “Winzip Self Extractor-Error in packed header”.

– Opens and reads files on the hard drive. This is consistent with the e-mail harvesting behavior of the W32/Sober viruses.

– Sends multiple e-mail messages from the affected system to e-mail addresses likely harvested from the hard drive. The e-mail messages contain a copy of the malware in the form of a file attachment.

As a result of this outbreak, McAfee recently issued an update to its W32/Sober.gen@MM description at http://vil.nai.com/vil/content/v_102139.htm. Symantec (Norton) now calls the same virus W32.Sober.X@mm.
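The indicators in the report (a From: address claiming @fbi.gov, an attachment named “question list.zip”, and a zip that carries an executable, which is how the Sober family mails copies of itself) are enough for a mail-gateway triage check. The script below is an added example written for this page, not FBI or vendor code; the sample message it builds is constructed here and is not a capture of the real mailing, and the list of executable suffixes and the helper names are assumptions.

```python
"""Triage check for the spoofed-FBI Sober mailing described in the article.

Added example, not FBI or anti-virus vendor code. Indicators from the article:
  - From: claims an @fbi.gov address (department@fbi.gov, mail@fbi.gov, ...)
  - attachment named "question list.zip"
  - the zip carries an executable (Sober mails itself as a file attachment)
The sample message, the executable-suffix list and all names below are
constructed for illustration.
"""
import email
import io
import zipfile
from email import policy
from email.message import EmailMessage
from email.utils import parseaddr

SPOOFED_DOMAIN = "fbi.gov"               # from the article
KNOWN_ATTACHMENT = "question list.zip"   # from the article
# Assumption: suffixes a mass-mailer typically uses for its dropped copy.
EXEC_SUFFIXES = (".exe", ".scr", ".pif", ".com", ".bat", ".cmd")


def zip_executables(data: bytes) -> list[str]:
    """Return member names inside a zip blob that look like executables.

    A corrupt or non-zip blob yields [] instead of raising, so a malformed
    attachment cannot crash the gateway check.
    """
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return [n for n in zf.namelist() if n.lower().endswith(EXEC_SUFFIXES)]
    except zipfile.BadZipFile:
        return []


def triage(raw: bytes) -> dict:
    """Parse one RFC 822 message and report the article's indicators."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    _, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    findings = {
        # The From: header is trivially forged; this only records the claim.
        "claims_fbi_sender": domain == SPOOFED_DOMAIN
        or domain.endswith("." + SPOOFED_DOMAIN),
        "known_attachment_name": False,
        "zip_executables": [],
    }
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").strip().lower()
        if name == KNOWN_ATTACHMENT:
            findings["known_attachment_name"] = True
        if name.endswith(".zip"):
            payload = part.get_payload(decode=True) or b""
            findings["zip_executables"] += zip_executables(payload)
    # Quarantine when the message claims the FBI and carries either the
    # reported attachment name or any zip-wrapped executable.
    findings["quarantine"] = findings["claims_fbi_sender"] and (
        findings["known_attachment_name"] or bool(findings["zip_executables"])
    )
    return findings


def build_sample(sender: str = "department@fbi.gov",
                 attachment: str = KNOWN_ATTACHMENT,
                 member: str = "question list.exe") -> bytes:
    """Constructed lookalike of the reported message; not a real capture."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        # Dummy bytes standing in for the payload; not the worm itself.
        zf.writestr(member, b"MZ" + b"\0" * 64)
    m = EmailMessage()
    m["From"] = sender
    m["To"] = "recipient@example.com"
    m["Subject"] = "Question list"        # constructed subject
    m.set_content("Please answer the attached questions.")
    m.add_attachment(buf.getvalue(), maintype="application", subtype="zip",
                     filename=attachment)
    return m.as_bytes()


if __name__ == "__main__":
    print(triage(build_sample()))
```

The From: check only records what the message claims; as the FBI statement notes, the mail did not actually originate there, so a production gateway would pair this with sender-authentication results rather than trusting the header alone. The zip is opened in memory and never extracted to disk, and a malformed archive is reported as having no executables rather than raising.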

Goodwin said that these e-mails did not come from the FBI. “Recipients of this or similar solicitations should know that the FBI does not engage in the practice of sending unsolicited e-mails to the public in this manner. Opening e-mail attachments from an unknown sender is a risky and dangerous endeavor, as such attachments frequently contain viruses that can infect the recipient’s computer,” he said in a statement.

The FBI strongly encourages computer users not to open such attachments, to install current Windows updates, and to install or update anti-virus software.

“The FBI takes this matter seriously and is investigating. Users are instructed to delete the e-mail without opening it,” Goodwin added. (PR)
