Sobig is so rapid!
August 21, 2003
Anti-virus experts have issued warnings about yet another Internet worm rapidly spreading around the world. One of the most common viruses, known to security companies as Sobig.F, has made a comeback, spreading rapidly through e-mail messages.
The fastest-spreading e-mail worm ever is the fourth major malicious agent to hit the world's computers this week. MessageLabs Inc., a company that filters e-mail for corporate clients around the globe, said that on Tuesday it intercepted more than a million messages carrying the virus.
Sobig.F, like previous versions of the virus, uses an e-mail address other than the victim's as the apparent source of e-mail messages that it sends to spread itself.
The worm arrives with subject lines such as "Re: Details", "Re: Wicked screensaver", "That movie", "Resume" and "Thank you".
The body usually contains either "See the attached file for details" or "Please see the attached file for details."
If the attachment of the malicious e-mail is opened, the victim's PC becomes infected. Attachment names may include: your_document.pif, details.pif, your_details.pif, thank_you.pif, movie0045.pif, document_Fall.pif, application.pif, and document_9446.pif.
Sobig.F carries a Trojan horse that can turn victims' PCs into very efficient spam engines.
The virus gathers e-mail addresses from several different locations on a computer, such as the Windows address book and Internet cache, and sends e-mails to each one. Sobig.F spoofs the sender name, so the From line is no indication of the actual sender, nor of the infected person from whom the worm is unknowingly being sent.
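The subject lines, body text and attachment names listed above can be turned into a simple mail-gateway check. The following is an added example, not code from the article or from any vendor: the function names, the verdict labels, the rule of quarantining every .pif attachment and the sample addresses are assumptions made for illustration.

```python
from email.message import EmailMessage, Message

# Indicators quoted in the article, lower-cased for comparison.
SUBJECTS = {"re: details", "re: wicked screensaver", "that movie", "resume", "thank you"}
BODY_PHRASE = "see the attached file for details"  # also matches "Please see ..."
ATTACHMENTS = {"your_document.pif", "details.pif", "your_details.pif", "thank_you.pif",
               "movie0045.pif", "document_fall.pif", "application.pif", "document_9446.pif"}


def classify(msg: Message) -> tuple:
    """Return (verdict, reasons). The From header is ignored because Sobig.F spoofs it."""
    reasons = []
    if str(msg.get("Subject", "")).strip().lower() in SUBJECTS:
        reasons.append("subject")
    blocked = False
    for part in msg.walk():
        name = (part.get_filename() or "").strip().lower()
        if name in ATTACHMENTS:
            reasons.append(f"attachment:{name}")
            blocked = True
        elif name.endswith(".pif"):
            # Assumption: block any .pif, since the listed names are not exhaustive.
            reasons.append(f"pif-extension:{name}")
            blocked = True
        elif not name and part.get_content_type() == "text/plain":
            text = (part.get_payload(decode=True) or b"").decode("latin-1")
            if BODY_PHRASE in text.lower():
                reasons.append("body")
    if blocked:
        return "quarantine", reasons
    # Subject or body alone is too common in normal mail to act on.
    if "subject" in reasons and "body" in reasons:
        return "suspicious", reasons
    return "pass", reasons


def build_sample(subject: str, body: str, attachment: str = "") -> EmailMessage:
    """Build a constructed test message; addresses and payload are placeholders."""
    msg = EmailMessage()
    msg["From"] = "colleague@example.com"  # never used as a signal
    msg["To"] = "user@example.net"
    msg["Subject"] = subject
    msg.set_content(body)
    if attachment:
        msg.add_attachment(b"constructed placeholder bytes", maintype="application",
                           subtype="octet-stream", filename=attachment)
    return msg
```

Text indicators alone only raise a "suspicious" verdict here, because subjects such as "Resume" or "Thank you" appear in ordinary mail; the executable attachment is the signal that justifies quarantine.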
There has not been so much virus activity since the Code Red and Nimda worms hit about a year ago.
Meanwhile Microsoft Corp. released yet another cumulative security patch for Internet Explorer on Wednesday. Users who don't patch their systems could leave the computers open to attack through a fake Web page or an HTML e-mail that contains the specific exploit code. The flaws fixed by the patch are rated as "critical" in the advisory posted on microsoft.com.