If someone starts capitalizing on the crossover worm, and we start to see increased activity, then we can talk about a global threat. It's a little premature at this time.
You should boot from a clean disk before removing a virus. Some viruses can't be cleaned any other way.
Pay for one commercial package and add one or more free programs. Set the primary package to scan all the time and use the second ary programs only when you need them, so they don't conflict. It's like getting a second opinion from a doctor.
This could serve as a springboard for more attacks on the Macintosh because it might spawn copycats.
The attack, if it comes, could come anytime after the afternoon and the evening of the 5th.
It shows increased activity and viability for future Macintosh-based threats on the Mac OS X platform.
This is not something I would expect to yield very high profits for criminals as compared to other types of financial fraud and extortion that might take place. Many people have backups of their files, and now the code has been cracked.
This is one of those big, under-the-radar threats that we've been concerned about. There has been a trend away from big-bang attacks to very targeted and sophisticated attacks that take place right under your nose. This is one of them.
The reality is that there could have been hundreds of thousands of computers with overwritten files today. Instead, we only have a handful of reports, and that is a hands-down victory for the collaborative effort of the security community.
Then, we thought maybe the police had gotten inside the group that made Sober and might be close to an arrest. But now it's likely that they found a date coded inside an earlier version of the worm.
