|
For a complete description of this virus, please refer to the bulletin availableat http://www.cert.org/nav/index.html
|
VIRUS - INFO ... Enjoy your visit to our site! I can't vouch for viability of the anti virus list below.
AVG 6.0 is a Free Edition Anti Virus AVG+6.0+freeGoogle+Search
& there are a number of Free Firewall's at Free ware site
on the web I like& used Zone Alarm from Zone Labs Inc.
zonealarm Google+Search All I will say is it worked for me.
INFORMATION ON THIS WEB SITE IS PROVIDED "AS-IS" WITHOUT
WARRANTY Of ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING,
BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT.
Subject: VIRUS WARNING UPDATE:
< SOBIGvirus
The worst ever? Date: Fri, 22 Aug 2003 16:43:12 -0400
Last time it was this
CERT® Advisory CA-2001-22
W32/Sircam Malicious CodeAlert
You may wish to visit the CERT/CC's Computer
Virus Resources Page located at:
Vendor Information
not rated
Aladdin Knowledge Systems
Central Command, Inc.
Command Software Systems
Computer Associates
Data Fellows Corp
McAfee
Norman Data Defense Systems
Panda Software
Proland Software
Sophos
Symantec
Trend Micro
CERT® Advisory CA-2001-22 W32/Sircam
Malicious CodeAlert
This is a virus notification from Southwestern Bell/Pacific Bell/Nevada Bell Internet Services. Please read this message
carefully.
A virus known as SirCam is affecting Internet users worldwide.
The SirCam virus is transmitted through e-mail attachments and
will likely come from someone you know. We recommend that
you monitor your e-mail for unusual or unexpected messages.
As a precaution, delete messages that begin "Hi! How are
you?"and end "See you later. Thanks" and contain an attachment.
The message also may appear in Spanish, beginning "Hola como estas?" and ending "Nos vemos pronto, gracias."
If your computer becomes infected, the virus will send messages
to every e-mail address stored on your computer and attach your
personal files to outgoing messages. We strongly recommend
that you update your anti-virus software to help protect your
computer from this virus.
For a complete description of this virus, please
refer to the bulletin available at
| Virus Update 4 2003 Subject: VIRUS WARNING UPDATE: SOBIGvirus
the worst ever? Date: Fri, 22 Aug 2003 16:43:12 -0400
From: "Kas and Jim"
For the past three days, I've been getting e-mails with the W32.Sobig.F@mm virus attached. Our ISP has been capturing most of
them, fortunately, so only the cleaned messages get through to us, but there are tons of them. According to Symantec, it was discovered on the 19th of this month. The first day, there were a few messages with the attached virus in our inbox, the second day a lot more, and today they're flooding in. I checked the e-mail about 7:30 this morning, and there were quite a few of them in it, which I deleted. When I just checked it again, about six hours later, there were dozens of them,I'd say about a hundred. I shudder to think how many will be in there tomorrow, if this geometric progression continues. I can easily imagine it possible that e-mailing will be made impossible or destroyed, just from all the millions of virus messages piling up in the system.
In my recent web-research on this virus, at the following sites and others, I've learned that this one probably isn't the usual kiddy hacker prank.
This is probably a serious weapon launched by a criminal enterprise. It's ultimate purpose may be the acquisition of credit-card data on millions of people.
As such, it may spell the death of on-line commerce. A less malignant purpose of the virus may be facilitating "spam" advertising. That possible scenario is bad enough.
The sheer volume of message traffic bearing the worm has the potential of completely shutting down E mailing, as we know it. We'll know the ultimate purpose of this weapon on Sept. 10, when it goesinto its active phase. In the worst-case scenario, if a commerce site with which you've done an on-line credit card transaction is infected, on Sept. 10 your credit card information may be sent to the criminal enterprise responsible for the worm.
This is a very serious posssibility.
Below are some URLs for information on the seriousness of this virus, and its possible ramifications. There are other relevant links from these sites.
It's very important to keep your virus-protection software updated, and have the latest patches from Microsoft installed on yoursystem.
http://www.microsoft.com/ can give you information on this and other recent mass attacks, and has a link for downloading the latest system patch. Needless to say, Microsoft's sloppiness in releasing millions of operating system copies before making sure that all the holes are plugged is responsible for the "success" ot the recent MSBlaster epidemic; but the SOBIG virus is spreading so wildly just because sufficient gullible people have been clicking on virus attachments showing up in their in-boxes.
Be extremely careful about opening any attachments, even from addresses you recognize. I've received virus messages from entities
I recognized, although they weren't in my own address file, although I might have been in theirs, and I've also received bounce-back
notifications from entities I've recognized. This virus, once it has embedded itself, sends out messages using addresses in the
captured address book as the "from" address. So, if you get a bounceback message to do with a virus, this doesn't necessarily
mean that your computer is infected, it just may mean that your address is in the address book of an infected computer.
You should run a virus scan, using updated virus definitions just to be sure that your computer isn't infected. Symantec's is at:
http://securityresponse.symantec.com/avcenter/download.html ,
Mcafee has a free on-line service called FreeScan, which will scan your system for
you, using all the latest virus definitions:
It is well worth going to the trouble of scanning your system for viruses and worms. Here are
the subject names used for theW32.Sobig.F@mm virus attachment, the current variant which is clogging inboxes.
Don't open any attachment with any of these in the subject line:
Re: Details
Re: Approved
Re: Re: My details
Re: Thank you!
Re: That movie
Re: Wicked screensaver
Re: Your application
Thank you!
Your details
At this point, it's likely that you've encountered some or all of these. If you did encounter them,
I hope you didn't open them. If you did so, your computer is probably infected.
Regards, Jim
Ref:
|
puppets PCinfo