News

Garber Announces Advisory Committee for Harvard Law School Dean Search

News

First Harvard Prize Book in Kosovo Established by Harvard Alumni

News

Ryan Murdock ’25 Remembered as Dedicated Advocate and Caring Friend

News

Harvard Faculty Appeal Temporary Suspensions From Widener Library

News

Man Who Managed Clients for High-End Cambridge Brothel Network Pleads Guilty

Viruses Target Harvard Computers

Sober.Q virus is responsible for spam messages in German

By Matthew S. Lebowitz, Crimson Staff Writer

A large volume of virus-related e-mail has been plaguing Harvard accounts in recent days as two viruses have infected many computers on the Faculty of Arts and Sciences (FAS) network.

Director of Residential Computing Kevin S. Davis ’98 identified the “Mytob” and “Sober.Q” viruses as “the main thing that we’ve been seeing over the last couple of days.”

According to Davis, who is also a Crimson editor, Sober.Q is a successor of an earlier worm called Sober.P, which “went out a few weeks ago.” Davis said machines worldwide that had previously been infected with Sober.P “received an instruction” to download Sober.Q over the weekend.

Mytob is a worm that installs a “root kit” or “back door” on infected computers, giving those behind the virus “root”, or full access, to those machines, Davis said. He added that such “root kits” are a tool commonly used in “Denial-of-service” (DoS) attacks, which seek to disrupt a network by overloading it, thereby causing users to lose service.

Sober.Q is responsible for the e-mails many students have received in recent days containing messages in German or links to online German news articles. Some of these e-mails, which were obtained by The Crimson, have subject lines such as “The Whore Lived Like a German” and “Du wirst zum Sklaven gemacht!!!” (which roughly translates to “You are made slaves!!!”).

“This is something that’s happening Internet-wide,” Davis said, citing websites such as CNET’s News.com, which reported the spread of Sober.Q.

He said the German e-mails being spread by computers infected with the Sober.Q virus may be an attempt to promote right-wing politics.

Davis said that a virus whose mission is to spread a political message rather than merely propagate itself is “a little bit unusual.” He added that Harvard’s FAS Computer Services (HASCS) still recommends that network users never click on the links in these e-mails, even though they do not appear to be infectious.

“This is clearly an attempt to try to get some sort of publicity around some political message,” Davis said. “There are all kinds of reasons for writing a computer virus.”

The Mytob virus is responsible for the recent wave of e-mails that falsely appear to be from University e-mail addresses.

These messages urge their recipients to download a file attachment, which actually contains the virus.

“This worm has tricked quite a few people into clicking on it, unfortunately,” Davis said.

He said HASCS was “extremely busy” on Monday dealing with these virus threats.

“We had about twice our regular volume of phone calls and an extraordinary number of students in our clinic,” he said. “At least 25 came in the first hour after we opened.”

Davis recommended that students always run firewall and anti-virus software on their computers to protect them from threats, and that they exhibit heightened vigilance.

“If someone sends you a message that doesn’t look quite right...be a little suspicious,” he said.

He added that HASCS “will never send an attached file in an e-mail.”

—Staff writer Matthew S. Lebowitz can be reached at mslebow@fas.harvard.edu.

Want to keep up with breaking news? Subscribe to our email newsletter.

Tags