[SI-LIST] Re: Sobig-F virus

• From: Ray Anderson <Raymond.Anderson@xxxxxxx>
• To: si-list@xxxxxxxxxxxxx
• Date: Wed, 20 Aug 2003 10:19:07 -0700 (PDT)

This virus (Sobig-F)has been running rampant on the net for the past
few days.

As I understand it, the virus scavenges the net searching websites for e-mail
addresses (possibly the si-list archives). Once it has harvested a bunch of
addresses is sends out bogus messages using the addresses harvested in the
earlier step as the return address and target addresses. Then if some
unsuspecting person who receives one of the messages happens to run the
attachment (usually a .pif file) it installs a backdoor onto your system that
may allow the originator of the virus to access your system.  There may be
other actions it performs such as searching your disk for credit card numbers
and then e-mailing back to the virus originator.  Apparently there are at
least several versions of this thing going around.  Purportedly it deactivates
after Sept. 10, 2003. It only effects Windoze based platforms, so if you are
running unix, linux, a Mac or something else other than MS Windoze you are
immune from everything except the annoyance of multitudes of viral messages.

-Ray
si-list admin

>Hi
>
>Sorry for the broadcast.  I believe at least one person on this list has =
>the Sobig-F virus. =20
>
>It makes it LOOK like it somes from someone, but it actually comes from s=
>omeone else.  Our IT dept has so far blocked over 100 return e-mails back=
>=20to me.  However, it was just my address being used from someone's addr=
>ess book.
>
>Time for someone to do a scan!
>
>Cheers,
>Richard
>

------------------------------------------------------------------
To unsubscribe from si-list:
si-list-request@xxxxxxxxxxxxx with 'unsubscribe' in the Subject field

or to administer your membership from a web page, go to:
//www.freelists.org/webpage/si-list

For help:
si-list-request@xxxxxxxxxxxxx with 'help' in the Subject field

List archives are viewable at:     
                //www.freelists.org/archives/si-list
or at our remote archives:
                http://groups.yahoo.com/group/si-list/messages 
Old (prior to June 6, 2001) list archives are viewable at:
                http://www.qsl.net/wb6tpu
  

Other related posts:

• » [SI-LIST] Sobig-F virus
• » [SI-LIST] Re: Sobig-F virus

1. Home
2. si-list
3. Archive
4. 08-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---