Click Here
home features news forums classifieds faqs links search
5630 members 
Amiga Q&A /  Free for All /  Emulation /  Gaming / (Latest Posts)
Login

Nickname

Password

Lost Password?

Don't have an account yet?
Register now!

Support Amigaworld.net
Your support is needed and is appreciated as Amigaworld.net is primarily dependent upon the support of its users.
Donate

Menu
Main sections
Home
Features
News
Forums
Classifieds
Links
Downloads
Extras
OS4 Zone
IRC Network
AmigaWorld Radio
Newsfeed
Top Members
Amiga Dealers
Information
About Us
FAQs
Advertise
Polls
Terms of Service
Search

IRC Channel

Who's Online
51 crawler(s) on-line.
 22 guest(s) on-line.
 4 member(s) on-line.


TrevorDick, BSzili, Fairdinkem, more...

You are an anonymous user.
Register Now!
 BSzili:  8 secs ago
 AP:  3 mins ago
 Fairdinkem:  3 mins ago
 TrevorDick:  4 mins ago
 wawa:  7 mins ago
 uponthevoid:  13 mins ago
 Trixie:  16 mins ago
 megol:  17 mins ago
 OlafS25:  48 mins ago
 bennymee:  54 mins ago

AmigaWorld - Amiga Community Portal


New computer virus hits inboxes

Date 20-Aug-2003 8:08:56
Topic: News


August is turning out to be a bumper month for Windows computer viruses.

Hot on the heels of the MSBlast and the Welchi worms has come a fast-spreading variant of the Sobig virus.

The first version of Sobig appeared in June of this year but the newest F variant seems to be the most successful so far.


Anti-virus firm MessageLabs said it had stopped some 40,000 copies of the virus in the last 20 hours and the BBC has received dozens of infected e-mails.

Confidence trick

Like the earlier versions Sobig F spreads by e-mail and by exploiting unsecured network links between Windows PCs.

When it spreads via e-mail, the virus fakes an e-mail address to hide its origins and regularly changes its form and the subject lines of messages it creates to make it harder to spot.

When it infects machines, it harvests e-mail addresses from Outlook address books and net page memory stores.

The suffix of the attachment bearing the virus also changes regularly but most often the malicious program masquerades as a screensaver (.scr) or a Windows program information file (.pif).

The filename of the attached file also changes regularly.

"The author of the Sobig worms has pulled this particular confidence trick several times before," said Graham Cluley, senior technology consultant at anti-virus firm Sophos.

"Releasing Sobig variants on different days of the week, and using slightly different subject lines and filenames, suggests that the worm's author may be trying to find the 'perfect' conditions under which his viruses can spread most quickly," he said.

Fast spreading

Sobig F has now been seen in 60 countries and currently seems to be most prevalent in the US. MessageLabs said Sobig F was "spreading vigorously".

Anti-virus firms urged users to update security software to block the latest variant.

E-mail users are being warned to be wary of messages bearing subject lines such as: Re: details, Re: approved, Re: Thank You, Re: That movie, Re; Wicked Screensaver or Your Details.

"All computer users should exercise caution when deciding what is safe to run on their computers," said Mr Cluley.

The Sobig F virus has a built-in timer that will stop it working on 10 September 2003.



This article comes from AmigaWorld - Amiga Community Portal
https://amigaworld.net

The URL for this story is:
https://amigaworld.net/article.php?storyid=798