3dfx Archive
http://www.falconfly.de/cgi-bin/yabb2/YaBB.pl
General Section >> News >> W32/Sobig.F Virus (Worm) on a Rampage
http://www.falconfly.de/cgi-bin/yabb2/YaBB.pl?num=1061308836

Message started by FalconFly on 19.08.03 at 18:00:36

Title: W32/Sobig.F Virus (Worm) on a Rampage
Post by FalconFly on 19.08.03 at 18:00:36
Since I received no less than 200 Virus EMails from infected Computers within the last 2 hours alone (!), thought to give everybody a head's up :P

The Worm is only a few hours old , and spreads via EMail.
That means no less, that most Antivirus Definitions in place are currently unable to counter it!

Looking at the incredible speed of distribution, this one must have hit the Internet like a Bomb !

Useful Links :

http://securityresponse.symantec.com/

http://securityresponse.symantec.com/avcenter/venc/data/w32.sobig.f@mm.html

Title: Re: W32/Sobig.F Virus (Worm) on a Rampage
Post by procerus on 19.08.03 at 18:11:51
I haven't even received one!  :'(

Title: Re: W32/Sobig.F Virus (Worm) on a Rampage
Post by FalconFly on 19.08.03 at 18:15:09
Well, then you're lucky.

I always wonder how my EMail address manages to get into so many Browser Caches or Address Books :P

The infected Mails currently come in at a rate of ~5 Mails per Minute (!)

On the other side, that also means that alot of those are being sent with my EMail address faked & abused (which is a nasty thing all modern Worms do) >:(

Luckily, I can filter them out before having to download
them (Mailwasher is a really nice Tool ;D ).

Just imagine having to download 2000 Emails a 100kB per day on 56k, just to get the Inbox Clean :-X
Now that would be bad...
(* loves DSL ;) )

Title: Re: W32/Sobig.F Virus (Worm) on a Rampage
Post by FalconFly on 20.08.03 at 20:00:59
My EMail account is right now receiving in excess of 1000 of those EMails per day (!)

Title: Re: W32/Sobig.F Virus (Worm) on a Rampage
Post by Boiu_Andrei on 25.08.03 at 09:10:12
The truth behind everything...

I received some times (I believe there are 10 instances or so until now), files that have a strange ".pif" attached. Because noone would send me a file (without have been noticed before, or by the way in which the message is written), everytime I opened the file in a text editor, and as I suposed, it was an exe.

I don't understand why many persons are so eager to open (or run) each and every attachement they receive, don't they sense the danger?

Title: Re: W32/Sobig.F Virus (Worm) on a Rampage
Post by Boiu_Andrei on 27.08.03 at 09:50:58
More or less I would say...

Every times it seems there are more and more e-mail users that get their pc's infected. The fun part is that frequently when something is not working as thy think: it's a virus. But when the computer stops working, or crawls, it's because of Windows(obviously it isn't this the cause but a virus)...

"If you don't know what is wrong, find quickly a think to blame on, otherwise everyone will think that you are a sucker..."

I received this e-mail with the virus, but I wasn't surprised, I wanted to check how the virus is compiled, but this failed, since Norton Anti-Virus blocks the download. But probably I will find a way to fake him...

I remember of a stupid virus "Winkzgw" that I haved. No Anti-virus detected him, although parts from the ".exe" were spread along some program files. Of course the only solution was to do a manual clean and identify the files affected. I came very quickly to the conclusion that a file is not where it should be, since I knew very whell, what directory structure, and what type and number of files I have in the Windows and System directories.

But I wonder how much would take on a struggle on their own to find a clean a virus with no help from an Anti-Virus. Probably too few. Then I shouldn't be surprised of the number of incompetents, ignorant, in excess of credibility, who opened the attachements of their mail.

"Stupidity has a price, hopefully a good, strong enough to make you to reflect at how you shouldn't deserve to use some tools, if you don't know the instructions. More, on the second...nineth ocassion, you should realise that you are the problem. If not, go on, there is enough money to thow, don't mind..."

3dfx Archive » Powered by YaBB 2.4!
YaBB © 2000-2009. All Rights Reserved.