Feeds

Email worm joins Blaster attack on Windows

Shot by both sides

  • alert
  • submit to reddit

The Essential Guide to IT Transformation

A new variant of the Sobig worm is spreading rapidly across the Internet this afternoon.

Sobig-F, like its predecessors, can spread via either email or (less commonly) network shares.

Infectious emails come with a variety of subject lines (eg. 'Your details', 'Re: Approved', 'Re: Your application', 'Re: Wicked screensaver', 'Re: That movie', 'Thank you!', etc.) and an infectious .pif or .scr attachment. Launching the infected attachment infects a computer, natch

Sobig-F scans infected PCs for email addresses prior to blasting out copies of itself using its own SMTP client using spoofed email addresses filleted from the compromised PC.

Advisories by F-Secure and Sophos provide more information.

The worm is spreading rapidly. Managed services firm MessageLabs had blocked Sobig-F 36,227 times since spotting it yesterday.

We're getting sick of saying this, but Sobig-F is a Windows-only menace. Mac, Linux, OS/2 and Unix users are immune.

For Windows users it's the now familiar routine of updating viral software, blocking executables at the gateway and crossing their fingers that the current viral plague will subside.

A substantial number of firms are beginning to question whether this approach is appropriate given the current onslaught of malicious code.

Firms like MessageLabs and Avecho.com argue that the only sensible place to block malicious code is before it reaches users whilst a new generation of behaviour blocking firms are coming forward with technology to lock down Windows PCs. ®

Related Stories

Blaster worm spreading rapidly
Blaster rewrites Windows worm rules
Windows Update still standing despite Blaster
Blaster variant offers 'fix' for pox-ridden PCs
Post Blaster, MS floats default auto updates for Windows
Today's latest mass mailing worm (Sobig-A)
Why spammers lurve the 'Microsoft support' worm
VX writers release sequel to infamous Sobig worm

Build a business case: developing custom apps

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Secure microkernel that uses maths to be 'bug free' goes open source
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
Tor attack nodes RIPPED MASKS off users for 6 MONTHS
Traffic confirmation attack bared users' privates - but to whom?
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Backing up Big Data
Solving backup challenges and “protect everything from everywhere,” as we move into the era of big data management and the adoption of BYOD.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.