Go Back   The Scream! > COMPUTER RELATED > PC Security
Reload this Page Today's latest mass mailing worm
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
Thread Tools Display Modes
  #1  
Old 13-January-2003, 20:09
gem's Avatar
gem gem is offline
 
Join Date: May 2001
Location: @Home in Sturminster Newton, Dorset
Posts: 5,364
Exclamation Today's latest mass mailing worm
From The Register
Today's latest mass mailing worm
By John Leyden
Posted: 13/01/2003 at 13:11 GMT

There's precious little sign of any let-up on the virus front, with the emergence of a new mass-mailing worm.

The (perhaps aptly) named Sobig-A is a mass-mailing worm that incorporates an SMTP engine. The worm spread rapidly across the Internet last weekend, after first appearing on Thursday morning.

Managed services firm MessageLabs has, to date, blocked 16,969 copies of the bug. Sobig-A is most active in the UK and The Netherlands, from where the first copies of the bug were seen.

The worm normally spreads by email containing infectious .pif attachments (though it can spread through open Windows shares). Windows users daft enough to click of those attachments will get infected, and spawn a whole fresh batch of infections. Sobig searches the hard disk of infected users for email addresses of possible further victims. It also attempts to download files from the Net, as explained in more depth in an advisory by AV vendor Sophos.

Typical subject lines of infected emails include: Re: here is that sample, Re: Movies, Re: Sample and Re: Document. Messages normally come from the email address big@boss.com (hence the name given to the virus).
What else? Oh, as usual, the worm only burrows into Windows boxes leaving Apple and Linux users immune to its effects.

Standard precautions apply: update your AV software and consider striping executable attachments from email.
You know it makes sense. ®
__________________
GEM
Reply With Quote

  #2  
Old 13-January-2003, 20:20
Tony
Guest
  
Posts: n/a
Default
had a few mails today that norton has picked up

most subtle one was one with an ebay address telling me i had been outbid, i do buy on ebay but had no bids in so knew something was wrong

the trouble these people go to to try and spread their rubbish
Reply With Quote
  #3  
Old 14-January-2003, 09:48
Memfis Memfis is offline
 
Join Date: Feb 2002
Location: TS! Team Mansion
Posts: 3,860
Default
/me deciedes he had better install McAffe thats been sat on his desc for the last 2 months . . . . .

P.s. Watch out for the new irc Virus.

~Mem
Reply With Quote
  #4  
Old 19-January-2003, 17:06
gem's Avatar
gem gem is offline
 
Join Date: May 2001
Location: @Home in Sturminster Newton, Dorset
Posts: 5,364
Exclamation Look Out!
I received an email today from big@boss.com with the heading 'Movies'. It clearly DID contain W32/Sobig@MM which McAfee detected while it was downloading, so be aware.
__________________
GEM
Reply With Quote
Reply

Edit Tags
Tags
None

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT +1. The time now is 08:19.

Contact Us - The Scream! - Privacy Statement - Top

Powered by vBulletin® Version 3.7.4
Copyright ©2000 - 2010, Jelsoft Enterprises Ltd.
Copyright ©1999-2009 The Scream!