The algorithm of the 'killer' Sober worm has been broken

Security firm F-Secure Corp has announced that it has successfully cracked the algorithm used by the Sober worm. This success promises to help anti-virus programs completely block variants of the Sober worm.


Sober has been "rampaging" around the Internet since October 2003, with about 20 different variants. The latest variant according to F-Secure is Sober.Y (which US-CERT calls CME-681); it accounts for more than 40% of the machines infected by worms and viruses that F-Secure has detected.

One of Sober's most dangerous features is its ability to automatically download new variants and infect other computer systems very quickly. According to security firm iDefense, the new Sober.Y variant will update itself to a new variant from the Web page named Jan.5 and will spread on January 5, 2006.

For a long time, anti-virus researchers have had trouble analyzing virus samples to find out where the worm spreads from, because the URLs used in Sober variants are generated by a secret algorithm. Sober uses this algorithm to generate seemingly random URLs based on dates.

These URLs usually point to Web sites in Germany and Australia, because servers there allow Web sites to be hosted for free. The author of the worm only needs to calculate in advance the URL for any given day. When he wants to run a program on infected computers, he only needs to register a valid URL and upload his program, and very quickly hundreds of thousands of computers worldwide will be infected.

Sober uses a list of 15 Web sites whose names contain different characters depending on the date, registered with free Web site providers, for example a Web site with a bizarre name like Jan.5. Every 14 days, this list changes to another 15 Web sites, and the name will then be Jan.6.

F-Secure claims it has broken the algorithm used by Sober. That makes it easy to determine the actual URLs from which new variants of the worm will be downloaded. Once the distribution URLs have been identified, Web server administrators can immediately block these Web sites, and add them to the list of prohibited sites in their company firewalls.
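The blocking workflow described above, as an added example that is not F-Secure's code and does not reproduce Sober's algorithm: a stand-in date-seeded generator (SHA-256 based, an assumption) takes the place of the recovered one, and the defender precomputes the 15 names for the current and upcoming 14-day windows, then matches them against proxy logs. The epoch date, the `.example` hosting domains and the log format are assumptions.

```python
import hashlib
from datetime import date, timedelta

# Assumptions, not Sober's real parameters except where the article states them.
EPOCH = date(2005, 1, 1)      # assumed start of rotation window 0
WINDOW_DAYS = 14              # article: the list changes every 14 days
NAMES_PER_WINDOW = 15         # article: 15 Web sites per list
PROVIDERS = ["freehost-a.example", "freehost-b.example"]  # placeholder hosts


def window_index(day: date) -> int:
    """Number of the 14-day rotation window that contains `day`."""
    return (day - EPOCH).days // WINDOW_DAYS


def candidate_hosts(day: date) -> list[str]:
    """Stand-in for the recovered generator: deterministic names per window."""
    w = window_index(day)
    hosts = []
    for i in range(NAMES_PER_WINDOW):
        digest = hashlib.sha256(f"{w}:{i}".encode()).hexdigest()
        label = "".join(chr(ord("a") + int(c, 16)) for c in digest[:8])
        hosts.append(f"{label}.{PROVIDERS[i % len(PROVIDERS)]}")
    return hosts


def blocklist(start: date, windows_ahead: int) -> set[str]:
    """Hosts for the current window plus `windows_ahead` future windows."""
    hosts = set()
    for k in range(windows_ahead + 1):
        hosts.update(candidate_hosts(start + timedelta(days=k * WINDOW_DAYS)))
    return hosts


def flag_requests(log_lines, blocked):
    """Return (client, host) for proxy log lines that hit a blocked host."""
    hits = []
    for line in log_lines:
        parts = line.split()
        if len(parts) == 3 and parts[2].lower().rstrip(".") in blocked:
            hits.append((parts[1], parts[2]))
    return hits


if __name__ == "__main__":
    today = date(2006, 1, 5)
    blocked = blocklist(today, windows_ahead=2)
    # Constructed proxy log: timestamp, client IP, requested host.
    log = ["2006-01-05T09:00:01 10.0.0.7 www.example.org",
           f"2006-01-05T09:00:03 10.0.0.9 {candidate_hosts(today)[3].upper()}."]
    print(sorted(blocked)[:3], flag_requests(log, blocked))
```

Matching is case-insensitive and ignores a trailing dot, so a request for the same host written differently still hits the blocklist.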

F-Secure also added that it had actually cracked Sober's algorithm in May 2005. However, the company did not announce this publicly, and instead waited until now while monitoring Sober's activity.

Minh Phuc
