• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

SoBig.F Virus

 
Ranch Hand
Posts: 2937
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I checked my yahoo mail this morning, and found that the inbox was filled with over 6Mb of emails with attachments overnight, all from different senders, but more or less the same subject line. Suspecting the big trouble, I went to cnn.com, and sure enough, it's one of the top stories today:
SoBig.F breaks virus speed records
Looks like this prticular virus is much more sophisticated than the others, -- I got a few system admin messages informing me that the email with the virus was sent from my email address, yet I know for sure that I never opened the attachment of the mail message. It is as though the virus is able to activate itself when you open the mail message itself.
It's probably exploiting one of those known Unpatched IE security holes
Very troubling!
 
Ranch Hand
Posts: 3404
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

-- I got a few system admin messages informing me that the email with the virus was sent from my email address


Ditto. So far have managed to clear them.( I got someone else to double-check). I was wondering if there is software that would detect the virus on the host computer and reject output from an infected computer ? IE a registry of repeat offenders should be dropped from the internet!
I do have Norton Internet Security Professional installed and have the firewall enabled. Norton Anti-Virus also scans incoming and outgoing e-mails. So why is my computer still vulnerable ? Does the virus disable the firewall?

regards
[ August 22, 2003: Message edited by: HS Thomas ]
 
mister krabs
Posts: 13974
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by Eugene Kononov:
I got a few system admin messages informing me that the email with the virus was sent from my email address, yet I know for sure that I never opened the attachment of the mail message.


Exactly how hard do you think it is to spoof an email address?
 
Greenhorn
Posts: 28
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Most likely you do not have the virus, your email was just found in some txt file or other file and spoofed to send an email. My account here at work was spoofed a dozen times, but I know for sure I do not have the virus.
For more information on these worms/viruses you should visit norton or macafee's websites.
Here is what norton has to say about SoBig
http://securityresponse.symantec.com/avcenter/venc/data/w32.sobig.f@mm.html
 
reply
    Bookmark Topic Watch Topic
  • New Topic