Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Sobig Virus Spread is Fastest Ever; Nachi Worm Continues
Dow Jones Newswires | Riva Richmond

Posted on 08/20/2003 8:36:10 PM PDT by HAL9000

NEW YORK (AP)—A virus that debuted this week has been declared the fastest spreading e-mail plague of all time, while another malicious program that hit last week continued to disrupt computers worldwide.

MessageLabs Inc., a company that filters e-mail for corporate clients around the world, Wednesday said it had intercepted more than a million copies of the "Sobig.F" virus the previous day, the most it has ever intercepted in a single day. That was one in every 17 e-mail messages the firm scanned.

"That's just a number we've never seen before," said Brian Czarny, MessageLabs' marketing director. The most widespread virus of all time, "Klez," at its peak accounted for one in 125 messages scanned.

Sobig.F continued to spread aggressively on Wednesday, though the pace eased off a bit to about one in 60 messages, he said.

The virus, which is the sixth and latest strain of a virus that first emerged in January, spreads through Windows PCs via e-mail and corporate networks. Besides clogging e-mail systems with messages carrying subject lines like "Re: Details" and "Re: Wicked screensaver," the virus also deposits a Trojan horse, or hacker back door, that can be used to turn victims' PCs into relayers of spam e-mail.

"It's a seeding," Czarny said. "All they're looking to do is plant that Trojan."

Another virus, of the self-spreading kind called a "worm," first appeared last week and was still causing problems Wednesday. The worm, dubbed "Blaster," spreads through Internet connections to PCs using versions of Microsoft Corp.'s Windows operating system that haven't been fixed for a programming flaw. Microsoft disclosed the error, and provided a patch, on July 16.

Blaster was followed this week by the derivative "Nachi" or "Welchia," which attempts to inoculate computers by downloading the patch from Microsoft. However, the new worm is causing more problems than Blaster, and brought down Air Canada's ticketing systems Tuesday.

Railway giant CSX Corp. said a "worm virus" brought down its signaling systems early Wednesday morning, causing delays and canceled trains through the Eastern states.

Andy Ellis, chief security architect at Web services company Akamai Technologies Inc. said "Nachi" may not be more widespread than Blaster, but it is technically superior and is now generating twice as much Internet traffic as Blaster.

A lot of companies have been reporting problems inside their networks, he said, and there have been "a couple of points where parts of the backbone had performance issues" in the last 24 hours.

"Nachi is a long-term problem that has to be dealt with. These systems absolutely have to be patched," Ellis said.

Copyright 2003 Associated Press. All rights reserved.



TOPICS: News/Current Events; Technical
KEYWORDS: lowqualitycrap; microsoft; nachi; sobig; virus; windows; worm
Navigation: use the links below to view more comments.
first 1-2021-4041-6061-74 next last
The good news is that a lot of FReepers are getting rid of Microsoft operating systems recently, judging from numerous messages on FR.
1 posted on 08/20/2003 8:36:11 PM PDT by HAL9000
[ Post Reply | Private Reply | View Replies]

To: HAL9000
I have definitely seen signs today that Sobig spread in a huge way, but the activity seems to be on the wane now, and by next week will be long forgotten.
2 posted on 08/20/2003 8:38:52 PM PDT by Jalapeno
[ Post Reply | Private Reply | To 1 | View Replies]

To: HAL9000
And yet, once again, I still havn't gotten this virus/worm/trojan, or any other one... and I've used MS Products for years...

Maybe it's not the Operating System that is the problem?
3 posted on 08/20/2003 8:39:27 PM PDT by Chad Fairbanks (They can have my machete when they pry it from your cold dead skull...)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Chad Fairbanks
No its the mail program (outlook) and how you expose your email throuhout the Internet..
4 posted on 08/20/2003 8:40:33 PM PDT by Jalapeno
[ Post Reply | Private Reply | To 3 | View Replies]

To: Jalapeno
Well, I use Outlook too.

What I'm waiting for is for Linux to take over as the Big Boy on the Block, and I am going to laugh my butt off when suddenly they become the target of choice for malicious script kiddies... as for the three Mac Users out there, well, they ain't gotta worry ;0)
5 posted on 08/20/2003 8:42:52 PM PDT by Chad Fairbanks (They can have my machete when they pry it from your cold dead skull...)
[ Post Reply | Private Reply | To 4 | View Replies]

To: Jalapeno
There's a new patch that I was alerted to late this afternoon from Microsoft. I didn't check to see what it was since I've set my auto-notification to be for critical updates only.

Just thought I'd throw that out where people can check for the update.
6 posted on 08/20/2003 8:43:26 PM PDT by Sally'sConcerns (Don't mess with Texas!)
[ Post Reply | Private Reply | To 4 | View Replies]

To: Chad Fairbanks
Yup. I've never received any of these menaces, either.
Heck, I've never even received an email from Nigeria.
Where's the love?
7 posted on 08/20/2003 8:44:18 PM PDT by babaloo999
[ Post Reply | Private Reply | To 3 | View Replies]

To: Chad Fairbanks
I agree with you. I got one once and bought Norton. I got another one and dumped norton for Avast a couple years ago and have never gotten another.

I upped my security some more by not accepting any mail unless the sender in in my address book.

That seems to solve all the problems.

8 posted on 08/20/2003 8:46:34 PM PDT by Cold Heat (Nothing in my home is French!)
[ Post Reply | Private Reply | To 3 | View Replies]

To: babaloo999
I havn't gotten teh Nigerian Scam ones either. I feel so slighted.

9 posted on 08/20/2003 8:46:58 PM PDT by Chad Fairbanks (They can have my machete when they pry it from your cold dead skull...)
[ Post Reply | Private Reply | To 7 | View Replies]

To: Chad Fairbanks
And yet, once again, I still havn't gotten this virus/worm/trojan, or any other one... and I've used MS Products for years...

I've gotten a couple, but in each case it was due to deliberate neglect against my better judgement.

10 posted on 08/20/2003 8:51:05 PM PDT by js1138
[ Post Reply | Private Reply | To 3 | View Replies]

To: wirestripper
I upped my security some more by not accepting any mail unless the sender in in my address book.

Every virus I've ever seen at home or at work has come from a trusted source.

11 posted on 08/20/2003 8:52:33 PM PDT by js1138
[ Post Reply | Private Reply | To 8 | View Replies]

To: js1138; wirestripper
Regardless of what operating system I happen to be using at any given time, a simple hardware or software firewall and a little common sense seems to prevent most problems...

I am, right now in what little spare time I have, conceptualizing the Ultimate Virus (well, actually a Worm) that could, in theory, take down the Internet. Having Linux wouldn't help. bwaaaaaaaaaaahahahahahahahahahaaaa
12 posted on 08/20/2003 8:55:54 PM PDT by Chad Fairbanks (They can have my machete when they pry it from your cold dead skull...)
[ Post Reply | Private Reply | To 10 | View Replies]

To: Chad Fairbanks
I am, right now in what little spare time I have, conceptualizing the Ultimate Virus (well, actually a Worm) that could, in theory, take down the Internet.

I don't think it would be that difficult -- I mean, if people are opening e-mails from strangers that say "Wicked Screensaver," or "I love you" they'll open anything.

13 posted on 08/20/2003 9:01:42 PM PDT by browardchad
[ Post Reply | Private Reply | To 12 | View Replies]

To: babaloo999
The good news is I think I figured out the Eudora Spam filter. The bad news is I'm not getting any eMail now...
14 posted on 08/20/2003 9:04:45 PM PDT by tubebender (FReepin Awesome...)
[ Post Reply | Private Reply | To 7 | View Replies]

To: browardchad
LOL... actually, the concept wouldn't necessarily be an email-delivered exploit. Now, as I stated, this is only a concept, and I have no intention of ever doing it.

The concept is, simply, a software EMP against Internet Backbones...

THe questions are - can it be done? and if so, what can be done to defend against it...?

15 posted on 08/20/2003 9:10:12 PM PDT by Chad Fairbanks (They can have my machete when they pry it from your cold dead skull...)
[ Post Reply | Private Reply | To 13 | View Replies]

To: HAL9000
'Sobig'

Must originate from a gay porn site!

16 posted on 08/20/2003 9:11:28 PM PDT by rockfish59
[ Post Reply | Private Reply | To 1 | View Replies]

To: rockfish59
I had to deal with an onslaught of emails today from infected dimwits. Then you get emails from the rest of them asking why your emailing them. I stopped replying. If they can't figure it out then forget em.
17 posted on 08/20/2003 9:15:02 PM PDT by mlbford2
[ Post Reply | Private Reply | To 16 | View Replies]

To: HAL9000
I have recieved 14 e-mails today with Sobig attached to them .. gotta love Norton Anti-virus
18 posted on 08/20/2003 9:18:05 PM PDT by commish (Freedom Tastes Sweetest to Those Who Have Fought to Preserve It)
[ Post Reply | Private Reply | To 1 | View Replies]

To: tubebender
Even as recent as a few years ago, Eudora, Netscape Communicator, and yes, Outlook , had some exploitable functionality in it... Email has been a problem for well over a decade...
19 posted on 08/20/2003 9:20:53 PM PDT by Chad Fairbanks (They can have my machete when they pry it from your cold dead skull...)
[ Post Reply | Private Reply | To 14 | View Replies]

To: Chad Fairbanks
Maybe it's not the Operating System that is the problem?

It must be a mere coincidence that the only computers that ever get infected are running Windows. And thanks to the SoBig virus, millions of those miserable machines will be used as open relays for spam.

as for the three Mac Users out there, well, they ain't gotta worry ;0)

Mac OS X will be running on 10 million computers this year - virus-free.

20 posted on 08/20/2003 9:25:01 PM PDT by HAL9000
[ Post Reply | Private Reply | To 3 | View Replies]


Navigation: use the links below to view more comments.
first 1-2021-4041-6061-74 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson