Miko Hyppönen, senior researcher with security firm F-Secure, said that this is a virus attack through the largest email path from the beginning of the year to the present time. The number of emails with Sober virus in recent years has reached an incredible high.
According to MX Logic, every 8 emails sent will have an email with Sober virus.
The latest variant of the Sober virus - called Sober.x, Sober.y, and Sober.z, depends on the different naming methods of different security firms - starting to spread online from the second week before and Strong boom in the next day. Analysts say the new variant of the Sober virus has been "successful" because of the virus programmer's skills.
This time, the new variant of the Sober virus hides itself in the title spoof letters sent from the FBI and CIA as well as international police agencies to trick users into opening attachments. Some fake fake videos of Paris Hilton or Nicole Richie.
Like other variants of the Sober virus, the new variant is also distributed through the SMTP engine - the main engine for email sending so that the virus can send its copies to addresses. The email is saved on the infected computer via port 25.
So security companies recommend that ISPs should lock port 25 in order to prevent the spread of new Sober virus variants.
Sophos security company classified Sober virus as the most dangerous, while Symantec and McAfee only rated this variant as moderately dangerous.