New Worm Disguises Itself as Microsoft Patch

Security analysts are warning users to be wary of a new worm that disguises itself as a

Microsoft security patch for the MyDoom virus.

Roca-A, which also is known as Sober-D in some circles, was released into the wild on

Sunday and started hitting Germany and the United Kingdom right out of the gate. In the

past 24 hours, it has spread to other countries, including the United States.

The worm arrives in inboxes with the subject line: ”Microsoft Alert: Please Read”. The

body message refers to the detection of a new MyDoom variant.

The ZIP file attached to the email carries the Roca-A worm, according to analysts from

Sophos, Inc., a Lynnfield, Mass.-based anti-virus and anti-spam company. Once installed,

the worm will present a phony message stating that the patch has been installed correctly

or that no patch was needed.

The worm also is bilingual.

If Roca-A determines that it is being sent to a German email address, it will present

itself in German.

”As the Sober-C worm has shown in recent months, viruses which use more than one language

when communicating with users can be more successful at not raising suspicion,” says

Graham Cluley, senior technology consultant for Sophos. ”Companies should ensure their

anti-virus software is automatically updated, and screen for dangerous filetypes at their

email perimeter.”

This new threat hit the Internet just as a dramatic wave of viruses and variants appears to

be winding down. IT managers and the anti-virus community have been plagued over the last

few weeks by a barrage of variants from the Bagle, Netsky and MyDoom families. Upwards of

16 variants and new worms hit the Internet in a matter of weeks. As for the Bagle worm

alone, seven variants were let loose within a 72-hour period.

The security intelligence firm mi2g, which is based in London, released a report this

morning calling last week’s barrage of attacks ”historically unprecedented”.

So far, according to mi2g, the combined worldwide economic damage from Bagle, Netsky and

MyDoom has crossed $100 billion. The company lists Sobig, MyDoom and Netsky as the most

damaging malware in history.

The onslaught might have slowed slightly, but it certainly hasn’t stopped.

In the last few days, Roca-A was joined by several other viruses, including the K and J

variants of Netsky and the K variant of Bagle.

RELATED NEWS AND ANALYSIS

• Ethics and Artificial Intelligence: Driving Greater Equality

  FEATURE |  By James Maguire,
  December 16, 2020

• AI vs. Machine Learning vs. Deep Learning

  FEATURE |  By Cynthia Harvey,
  December 11, 2020

• Huawei’s AI Update: Things Are Moving Faster Than We Think

  FEATURE |  By Rob Enderle,
  December 04, 2020

• Keeping Machine Learning Algorithms Honest in the ‘Ethics-First’ Era

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  November 18, 2020

• Key Trends in Chatbots and RPA

  FEATURE |  By Guest Author,
  November 10, 2020

• Top 10 AIOps Companies

  FEATURE |  By Samuel Greengard,
  November 05, 2020

• What is Text Analysis?

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  November 02, 2020

• How Intel’s Work With Autonomous Cars Could Redefine General Purpose AI

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  October 29, 2020

• Dell Technologies World: Weaving Together Human And Machine Interaction For AI And Robotics

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  October 23, 2020

• The Super Moderator, or How IBM Project Debater Could Save Social Media

  FEATURE |  By Rob Enderle,
  October 16, 2020

• Top 10 Chatbot Platforms

  FEATURE |  By Cynthia Harvey,
  October 07, 2020

• Finding a Career Path in AI

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  October 05, 2020

• CIOs Discuss the Promise of AI and Data Science

  FEATURE |  By Guest Author,
  September 25, 2020

• Microsoft Is Building An AI Product That Could Predict The Future

  FEATURE |  By Rob Enderle,
  September 25, 2020

• Top 10 Machine Learning Companies 2021

  FEATURE |  By Cynthia Harvey,
  September 22, 2020

• NVIDIA and ARM: Massively Changing The AI Landscape

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  September 18, 2020

• Continuous Intelligence: Expert Discussion [Video and Podcast]

  ARTIFICIAL INTELLIGENCE |  By James Maguire,
  September 14, 2020

• Artificial Intelligence: Governance and Ethics [Video]

  ARTIFICIAL INTELLIGENCE |  By James Maguire,
  September 13, 2020

• IBM Watson At The US Open: Showcasing The Power Of A Mature Enterprise-Class AI

  FEATURE |  By Rob Enderle,
  September 11, 2020

• Artificial Intelligence: Perception vs. Reality

  FEATURE |  By James Maguire,
  September 09, 2020