DaveN
Derwent Valley Birder
Following on from the MSblast thread last week I found this today.
The havoc caused by the Sobig Windows virus looks set to continue into the weekend.
The virus has generated so much e-mail that many inboxes are now completely full and are bouncing back new messages which is only adding to the problems Sobig is causing.
Net giant AOL said it had stopped more than 23 million copies of the virus and e-mail filtering firm MessageLabs said it had caught more than three million.
Security firms warn that the virus has a payload that is set to trigger on 22 August that could turn infected PCs into spam relays.
Data deluge
Many companies reported that their internal networks had suffered because of Sobig and the Welchi and MSBlast worms that preceded it.
Hundreds of thousands of PCs appear to be infected by the Sobig F virus, the sixth variant of a malicious program that first appeared in January this year.
Anti-virus firms were surprised at the success that Sobig has enjoyed as it relies on tricking people into opening it and clicking on its attachment to spread rather than via any technological tricks.
Security experts speculate that the virus was written to order for spammers who want to find a way to spread their unwanted commercial e-mails without fear of being traced.
The virus may get a further boost on Monday when many people in the US return to work after the holiday period.
E-mails bearing the virus are easy to spot because they have one of eight subject lines, most of which begin with "Re:".
Sobig has a sting in its tail. Between 1900 and 2200 GMT (2000-2300 BST) on Friday and Sunday the worm has been programmed to automatically point infected PCs to a server controlled by the virus writer from which a malicious program could be downloaded.
At the moment, anti-virus experts do not know could happen, but possibilities include launching another virus or spam attack, collecting sensitive information, or deleting files stored on an infected computer or network.
Virus flood
The web seems to have caught out a lot of people in China. About 30% of China's net users, about 20 million people, have been infected by the virus according to figures collected by Chinese security firm Beijing Rising Technology Shareholding Co.
The company put an unprotected PC on the net which was flooded with 5,000 Sobig messages within three hours.
"We haven't seen anything spread so fast," said a spokeswoman for Rising Technology. "It could get worse because there's very limited awareness of viruses and preventive measures."
Others suffered the effects of the virus too.
E-mail servers at the Massachusetts Institute of Technology were congested by the amount of messages Sobig created and defence firm Lockheed Martin said that although less than 1% of its PCs were infected this still caused disruption on its network.
Air Canada cancelled flights on Tuesday because its internal network was overwhelmed by the Nachi worm.
The Nachi or Welchi worm attempts to download software to fix a vulnerability exploited by the MSBlast virus.
Billy Boy
The havoc caused by the Sobig Windows virus looks set to continue into the weekend.
The virus has generated so much e-mail that many inboxes are now completely full and are bouncing back new messages which is only adding to the problems Sobig is causing.
Net giant AOL said it had stopped more than 23 million copies of the virus and e-mail filtering firm MessageLabs said it had caught more than three million.
Security firms warn that the virus has a payload that is set to trigger on 22 August that could turn infected PCs into spam relays.
Data deluge
Many companies reported that their internal networks had suffered because of Sobig and the Welchi and MSBlast worms that preceded it.
Hundreds of thousands of PCs appear to be infected by the Sobig F virus, the sixth variant of a malicious program that first appeared in January this year.
Anti-virus firms were surprised at the success that Sobig has enjoyed as it relies on tricking people into opening it and clicking on its attachment to spread rather than via any technological tricks.
Security experts speculate that the virus was written to order for spammers who want to find a way to spread their unwanted commercial e-mails without fear of being traced.
The virus may get a further boost on Monday when many people in the US return to work after the holiday period.
E-mails bearing the virus are easy to spot because they have one of eight subject lines, most of which begin with "Re:".
Sobig has a sting in its tail. Between 1900 and 2200 GMT (2000-2300 BST) on Friday and Sunday the worm has been programmed to automatically point infected PCs to a server controlled by the virus writer from which a malicious program could be downloaded.
At the moment, anti-virus experts do not know could happen, but possibilities include launching another virus or spam attack, collecting sensitive information, or deleting files stored on an infected computer or network.
Virus flood
The web seems to have caught out a lot of people in China. About 30% of China's net users, about 20 million people, have been infected by the virus according to figures collected by Chinese security firm Beijing Rising Technology Shareholding Co.
The company put an unprotected PC on the net which was flooded with 5,000 Sobig messages within three hours.
"We haven't seen anything spread so fast," said a spokeswoman for Rising Technology. "It could get worse because there's very limited awareness of viruses and preventive measures."
Others suffered the effects of the virus too.
E-mail servers at the Massachusetts Institute of Technology were congested by the amount of messages Sobig created and defence firm Lockheed Martin said that although less than 1% of its PCs were infected this still caused disruption on its network.
Air Canada cancelled flights on Tuesday because its internal network was overwhelmed by the Nachi worm.
The Nachi or Welchi worm attempts to download software to fix a vulnerability exploited by the MSBlast virus.
Billy Boy