[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Am sure I'm not alone, but Sobig virus is raging today

To: maury <maury@webtexas.com>, Michael Stabin <michael.g.stabin@vanderbilt.edu>
Subject: RE: Am sure I'm not alone, but Sobig virus is raging today
From: "Dukelow, James S Jr" <jim.dukelow@pnl.gov>
Date: Sun, 24 Aug 2003 13:43:35 -0700
Date: Sun, 24 Aug 2003 15:43:45 -0600
Thread-Index: AcNqebW76iAQb364RlyAOSu6ENGrUAABZiZ1
Thread-Topic: Am sure I'm not alone, but Sobig virus is raging today

Hi Maury,



During my travels my work email received something on the order of 2000 copies of SoBig or notifications that our system anti-Virus software had deleted the virus package from a message.  I have received a few dozen today.



My understanding of how the worm works is that when it infects a machine it will go searching from email addresses.  When it finds one, it apparently both attempts to infect that machine and also uses that email address as a bogus return address on messages it send out carrying the worm payload.



So, if your email is found on an infected machine, you will both be attacked and messages will be sent out that make it look as if you are attacking other machines.



At this point, I think the best policy is to delete WITHOUT opening ANY message looking the least suspicious, particularly if it has an attachement.



Best regards.



Jim Dukelow

jim.dukelow@pnl.gov







-----Original Message-----

From:	maury [mailto:maury@webtexas.com]

Sent:	Sun 8/24/2003 12:56 PM

To:	Dukelow, James S Jr; Michael Stabin

Cc:

Subject:	Am sure I'm not alone, but Sobig virus is raging today



Hi,

Just wanted to pass on what is happening today on Sobig. This the most

intense flooding I have experienced so far.  Have no idea if it is

affecting Radsafe or Riskanal, but I am actively making sure that my own

machine stays "clean".



I am receiving an overwhelming number of emails with attachments

containg the sobig virus. Norton is not picking up the virus in the

attachments, but there is no problem so long as I continue to recognize

them and do not open the attachments. By overwhelming, I mean now about

95% of the 70-90 emails per day that I receive. Just to be certain that

I'm not contributing to the problem, I'm running the Norton "sobig

removal tool" every couple days. The extensions are inevitably .pif and

the size is always about 97-103K. The subject lines are very tempting --

including even bogus notices of undeliverable email. It also appears

that my email address is being used falsely as the return address on

bogus email containing the virus attachment. It will be a relief when

this episode subsides.



Maury Siskel

Prev by Date: RE: California Set to Begin Inspecting Trucks Crossing State Line s for Nuclea...
Next by Date: Hormesis explains aging reversal chemicals
Prev by thread: RE: California Set to Begin Inspecting Trucks Crossing State Line s for Nuclea...
Next by thread: MEDHP-SEC: RE: Doctors' knowledge of radiation exposure
Index(es):
- Date
- Thread