SoBig infections



tpdooley
08-26-2003, 11:32 PM
Elena mentioned that the DF contact email address is being deluged with the latest worm. Since the worm picks up email addresses from visited web pages, and even from text files (such as readme1st.txt) - that means that a number of folders and/or former folders are infected.

If possible, pass the request on to all your teammates to scan all of their Windows machines that can receive email:

http://securityresponse.symantec.com/avcenter/venc/data/[email protected]

(or pick the removal tool from your favored antivirus dealer).

Put a stop to the wasted bandwidth! Reclaim those lost CPU cycles for science, not spamming... :)

Farley
08-27-2003, 08:25 AM
Passed along

Thanks for the heads up :)

bwkaz
08-27-2003, 09:49 AM
Or, you could just not run Windows. Or not blindly run attachments from obviously suspicious messages. Or not run Outlook or Outlook Express as your MUA (not for SoBig, but for other viruses).

Or clean Outlook and/or OE from your system entirely (note: I'm not actually sure whether this is possible...), so that SoBig simply can't send itself automatically.

Anybody wonder why very, very few other MUAs are automatable?

Am I sounding cynical yet? ;)

Paratima
08-27-2003, 11:47 AM
Originally posted by bwkaz
Am I sounding cynical yet? ;)

Maybe just a wee bit... ;)

If you DO run Windoze, and many of us have no choice, at least on all machines, something like ZoneAlarm (http://www.zonelabs.com) is another fine choice. There is a free version of this for personal use and it makes a very effective firewall. (There are several programs like this available on the market.)

Note that the Sobig worm doesn't depend on using your mail program, it's got its own built-in. But when it tries to send its stuff, ZoneAlarm will say, "Hold the works. You're a new program attempting to access the internet and I've gotta get permission from the Boss." It pops up an alert and you can tell it, "No way!"

Now, you've gotta get it off your system, but at least you didn't spread it around! :thumbs: Just an idea...

bwkaz
08-27-2003, 06:27 PM
Originally posted by Paratima
Note that the Sobig worm doesn't depend on using your mail program, it's got its own built-in.

I stand corrected then. ;)

I didn't know that worm writers were smart enough to understand SMTP... guess I'll have to rethink that assumption. :p

rsbriggs
08-27-2003, 06:47 PM
The FBI is saying that SoBig is a professional job.... What it was scheduled to do was quite amazing. Fortunately they managed to shut down the 20 or so comps that it was supposed to contact for further instructions....

Paratima
08-27-2003, 07:07 PM
Yep. Everything I've heard is that they're all pretty amazed at the way it's put together.
Clever, yes. Low-life pond scum and terrorist bastards, definitely! :swear:

I don't think I could dig deep enough to come up with any sympathy for virus authors.

Meadmaker
08-28-2003, 09:02 AM
I agree with everything you say, Paratima - if they'd only divert their skills to something useful :mad:

IronBits
08-28-2003, 09:22 AM
Ya, like forcing security patches on unsuspecting or clueless 'victims' for starters. :thumbs:

Kileran
08-31-2003, 12:39 AM
Yeah, when I do my Windows Update, I quite often notice that I'm patching to remove "could possibly allow an intruder to execute code" weaknesses.

Somebody should write a program that hacks into those vulnerable systems, installs a virus detector, then runs Windows Update :)

Farley
08-31-2003, 10:22 AM
Originally posted by Kileran
Somebody should write a program that hacks into those vulnerable systems, installs a virus detector, then runs Windows Update :)

:) Link (http://news.bbc.co.uk/1/hi/technology/3163001.stm)