W32.Sobig.F@mm

User avatar
Tyby
Dungeon Keeper
Posts: 602
Joined: Sun Jul 06, 2003 10:39 pm
Location: Bucuresti
Contact:

W32.Sobig.F@mm

Postby Tyby » Tue Aug 19, 2003 7:20 pm

W32.Sobig.F@mm - noua amenintare pe piata de profil ... mai multe:

http://securityresponse.symantec.com/av ... .f@mm.html

tinand cont ca-i aparut doar de cateva ore si deja a intrat in cat 3 la Symantec, nu-i de glumit ... luati-va masurile necesare.
Last edited by Tyby on Fri Dec 05, 2003 8:26 am, edited 2 times in total.
formerly known as gaurika ...

May the best from your past be the worst in your future!

Tyby out!

User avatar
sl0bizz
elder
elder
Posts: 671
Joined: Mon Jul 14, 2003 7:33 pm
Location: Boston
Contact:

Postby sl0bizz » Tue Aug 26, 2003 7:49 am

mterial realizat de CNet.com
http://rss.com.com/2100-1002_3-5067886. ... &subj=news

Experts: Sixth son of Sobig not the last
Security researchers believe that the creator of the Sobig mass-mailing computer virus won't stop with Sobig.F--the money may be too good.
The Sobig viruses--the first of which started spreading in January--are designed to load special software that can anonymize spam onto people's PCs. The tens of thousands of computers infected by the virus can then be used by bulk e-mailers to send unsolicited messages that can't be tracked.
"It is very well planned, very well designed and very well executed," said Mikko Hypponen, director of antivirus research for security company F-Secure. Hypponen believes that the virus' author likely sells the list of compromised PCs to spammers. "For once we have a virus with a very good motive: money."
The Sobig viruses are perhaps the first to be used as moneymakers, and that means it's likely the programmer, or group of programmers, that created the latest variant won't stop, said Joe Stewart, senior security researcher for network-protection company Lurhq.
"I do think we will see a new variant soon," Stewart said. Stewart has been studying each iteration of the Sobig virus and believes that, despite heightened law enforcement interest in finding the author, it's unlikely he or she will stop or be found. "The guy obviously knows how to use proxy servers (to achieve anonymity). To think you can track him down using an IP (Internet protocol) address down is pretty far-fetched."
The Sobig.F virus started spreading a week ago, apparently from Usenet news groups where the author had posted it in the guise of a pornographic picture, according to Easynews.com--the service that had been used to post the file. Phoenix, Ariz.-based Easynews reported that it had been served a subpoena by the FBI and had provided the bureau with an apparently stolen credit card number that had been used to purchase the account.
"It appears the account was created with a stolen credit card for the sole purpose of uploading the virus to the Usenet network," Michael Minor, chief technology officer of Easynews, said in a statement Friday.
The FBI couldn't immediately be reached for comment.
The Sobig.F virus spreads by harvesting e-mails from Web pages and from an infected computer's address book. It sends a copy of itself to the addresses in an e-mail message with subject lines such as "Your Details," "Re: Approved" and "Thank you!" The virus also spreads by copying itself to shared network hard drives that are accessible to the infected computer.
Sobig.F has spread aggressively, sending far more e-mails with copies of the virus than any such program to date. The computer virus clogged corporate e-mail systems early last week, as every message had to be digitally checked for the virus before being passed on to the recipient's computer.
The latest Sobig virus uses an e-mail address other than the victim's as the apparent source of e-mail messages that it sends to spread itself. Many antivirus systems send alerts to the apparent senders of viral e-mail messages notifying them that they are infected--even when the malicious program is known to forge the source's e-mail address. The result is more e-mail clogging in-boxes and more confusion as users have to deal with additional messages accusing them of being infected.
Joe Hartmann, North American director for antivirus research at security-software company Trend Micro, believes that the FBI has its work cut out for it when it comes to catching the perpetrator.
"The person is really trying to make sure that he isn't going to get tracked down," Hartmann said. "Open proxies, stolen credit cards--it's not going to be easy."
Daca va prisosesc sau va trebuie obiecte, incercati Freecycle Bucuresti. Daca nu va trebuie nimic, ma supar.

User avatar
originaltup
elder
elder
Posts: 1749
Joined: Sun Jul 06, 2003 11:52 am
Location: Ohio

Postby originaltup » Fri Aug 29, 2003 4:57 pm

Mai e de groaza cu asta, imi vin in bulk o gramada cu el. Si am vazut si la altii ca vin. Asa ca atentie la bulk-uri.
Si inca ceva, daca imi vin bulk-uri virusate de la oameni pe care ii cunosc, inseamna ca respectivii sunt virusati?

PS. doar pe adresa principala de pe yahoo vin, restul inca sunt fara probleme.

User avatar
eugen
Site Admin
Posts: 687
Joined: Sat Jul 05, 2003 10:42 pm
Contact:

Postby eugen » Fri Aug 29, 2003 7:13 pm

mesajele alea vin pentru ca in pc-ul virusat exista atat adresa ta cat si a oamenilor pe care-i cunosti (si asta in orice fisier in care worm-ul gaseste o adresa de mail, nu doar in address book). e posibil ca si lor sa le vina mesaje de la tine, si de la alte adrese, mai mult sau mai putin fanteziste. uite-te la full headers sa vezi de unde e de fapt mail-ul.

User avatar
Nick
junior
junior
Posts: 33
Joined: Fri Aug 08, 2003 8:00 pm
Contact:

Postby Nick » Sun Aug 31, 2003 7:49 pm

Eu am primit un mail virusat de la tine, Originaltup :)...si eu care credeam ca vrei sa iesim la o bere.
Let's have a beer:)

User avatar
originaltup
elder
elder
Posts: 1749
Joined: Sun Jul 06, 2003 11:52 am
Location: Ohio

Postby originaltup » Sun Aug 31, 2003 9:04 pm

Hai ca asta e buna!!! Pai de unde naiba ca eu nici nu am mailul tau si nici nu l-am avut vreodata. Adica am vazut ca am mailuri virusate in bulk (accidental ca nu prea ma uit ce vine in bulk, sterg direct) dar oricat ar fi el de smecher cum a gasit adresa ta de unde nu e? Sau e nevoie de un third-party, sau ti-au venit din mailul propriu, sau faci misto. Care sa fie?

User avatar
Nick
junior
junior
Posts: 33
Joined: Fri Aug 08, 2003 8:00 pm
Contact:

Postby Nick » Mon Sep 01, 2003 8:28 pm

Chiar nu fac mishto...si eu am ramas la fel de surprins ca si tine...este ceva putred la mijloc :lol: ...nici eu nu am avut vreodata adresa ta de mail pe undeva asa ca nu-mi explic.
Let's have a beer:)

User avatar
originaltup
elder
elder
Posts: 1749
Joined: Sun Jul 06, 2003 11:52 am
Location: Ohio

Postby originaltup » Mon Sep 01, 2003 10:11 pm

Probabil a ajuns pe undeva pe unde erau ambele puse la un loc si de acolo s-a descurcat singur.


Return to “Software”

Who is online

Users browsing this forum: No registered users and 7 guests