So, we've seen the recent SOBER variants used their own SMTP engine to propagate as well as a predefined list of usernames and passwords at ISPs to send themselves.
We've also seen that keeping viruses and spam out of our mailboxes is easier when we can identify the sender as a zombie, and that it is harder when the junk is coming from a valid ISP and/or user at an ISP. http://www.viruslist.com/en/weblog?done=vlpolls_resp155596558 Well, Kaspersky is reporting that the latest SOBER is also stealing (at least) Outlook usernames and passwords from infectees. Therefore, we can reasonably expect more junk coming from AUTH'ed senders. Andrew. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
