August 21st, 2003



Around lunch time, my mailbox started to get filled up with Sobig.F worm from some guy in Australia [] (Macquarie University?). At the rate of 1-2 email per minute, I have receive over 200+ from him alone in the last 2 hrs. If one person can do that much damage, imaging 1/2 a million…

I also found an analysis of SoBig.F worm which is very interesting. This is a very evasive worm written by very competent programmer.

The worm will create open mail relay for spammers and install keylogger to trap id/passwd for internet banking among other things. The seeding of the virus is done via spamming and then spread to others.

We could conclude this is a work of some underground group who is involving in spamming, bank frauds, etc..a pure commerical venture. This is quite different from the old days where crackers wrote viruses & worms are written for the fun of it.

Folks, welcome to the New Age War!

Comments are closed.