Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Sobig virus back...AGAIN...new variant.
USA Today | 8/19/2003

Posted on 08/19/2003 11:16:06 PM PDT by LinuxRocks

Sobig.F email work is causing problems!


TOPICS: Business/Economy; Crime/Corruption; News/Current Events
KEYWORDS: computers; it; lowqualitycrap; microsoft; nolink; operatingsystems; software; technology; unnecessaryexerpt; windows; worm
Navigation: use the links below to view more comments.
first 1-5051-81 next last
Sobig.F, a new variant of a problem email worm, is again causing problems. Servers I manage are getting hit with infected mail clients from Microsoft computers infected with the worm. To quote USA Today: "The new SoBig variant, known more formally as MM/SoBig.F@mm, mainly affects e-mail and Windows network shares. It raids an infected computer's Outlook address book and sends copies of itself as an attachment via e-mail to those listed. If the attachment is opened by the recipient, the worm starts the process again."

I think this one could be big, and everyone needs to take note of this one. It is another Klez virus in the making.

1 posted on 08/19/2003 11:16:06 PM PDT by LinuxRocks
[ Post Reply | Private Reply | View Replies]

To: LinuxRocks
Outlook address book

There's your problem. That crappy program is just a virus petri dish.

2 posted on 08/19/2003 11:22:40 PM PDT by Hank Rearden (Dick Gephardt. Before he dicks you.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: LinuxRocks; A Citizen Reporter; ABG(anybody but Gore); Angelwood; arazitjh; b4its2late; backhoe; ...
bttt
3 posted on 08/19/2003 11:23:38 PM PDT by kayak (God bless President Bush, our military, and our nation!)
[ Post Reply | Private Reply | To 1 | View Replies]

Just for general consumption:

FREE PC PROTECTION:

Spybot S&D: Removes lurking spyware.
AdAware: Removes lurking spyware.
Bayden Systems Popup Popper: Blocks popup ads well in MSIE
MailWasher: Good for pre-screening & bouncing SPAM
AVG Anti-Virus Free Edition: Free anti-viral protection
ZoneAlarm: Excellent Firewall


4 posted on 08/19/2003 11:25:01 PM PDT by martin_fierro (A v v n c v l v s M a x i m v s)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Ernest_at_the_Beach
Ping.
5 posted on 08/19/2003 11:25:26 PM PDT by martin_fierro (A v v n c v l v s M a x i m v s)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Hank Rearden
Microsoft sucks, period. I hate all of their crappy operating systems and applications. Yet people use their solutions like they are the best thing since sliced bread. I just don't get it. Open Source solutions are way, WAY better I tell you. More usable and more stable, and more thoughtful and secure. Bill Gates and Monkey Boy (aka Steve Ballmer) have got to the wool pulled over the eyes of the world.
6 posted on 08/19/2003 11:26:25 PM PDT by LinuxRocks
[ Post Reply | Private Reply | To 2 | View Replies]

To: Hank Rearden
Im not using Outlook and my inbox has been filled with these emails. My virus is up to date, firewall running and I cant stop them from coming in.
7 posted on 08/19/2003 11:28:36 PM PDT by boxerblues (God Bless the 101st, stay safe, stay alert and watch your backs)
[ Post Reply | Private Reply | To 2 | View Replies]

To: LinuxRocks
glad I stayed up long enough to bump for a morning re-read.
8 posted on 08/19/2003 11:29:22 PM PDT by RightField (the older you get ..... the older "old" is ......)
[ Post Reply | Private Reply | To 1 | View Replies]

To: LinuxRocks
GRRRR. I am truly pissed off. I have spent the last 5 days either patching servers to prevent the stupid damned Blaster bug from getting in or removing the Blaster bug from Microsoft's crappy platforms. Now today...after doing all that I discover that I have a server that's getting hit with infected email clients (out in the wild of the Net) that have Sobig.F. I have THREE MESSAGES A MINUTE from infected email clients on the net trashing up my Inbox...filling virus quarantines on my server, and this fun never ends...because of the way M$ designed their shitty software. I'm so tired I can hardly see straight. The M$ slogan is "Where do you want to go today?" My reply is "I want to leave my computer room and get some sunlight and quit thinking about this. How about that you bastards in Redmond?"
9 posted on 08/19/2003 11:32:54 PM PDT by LinuxRocks
[ Post Reply | Private Reply | To 1 | View Replies]

To: boxerblues
I deleted at least 450 virus-carrying emails yesterday.
10 posted on 08/19/2003 11:33:43 PM PDT by rusty millet
[ Post Reply | Private Reply | To 7 | View Replies]

To: rusty millet
Microsoft SUCKS. They suck the ass of a donkey. They SUCK SUCK SUCK SUCK SUCK. I have dealt with this shit since late last week. They are the reason for this. They SUCK.
11 posted on 08/19/2003 11:35:45 PM PDT by LinuxRocks
[ Post Reply | Private Reply | To 10 | View Replies]

To: rusty millet
How do you stop it short of putting a block on all incoming mail?
12 posted on 08/19/2003 11:39:25 PM PDT by boxerblues (God Bless the 101st, stay safe, stay alert and watch your backs)
[ Post Reply | Private Reply | To 10 | View Replies]

To: LinuxRocks
You need rest.
13 posted on 08/19/2003 11:39:42 PM PDT by HairOfTheDog (And whither then? I cannot say)
[ Post Reply | Private Reply | To 11 | View Replies]

To: LinuxRocks
Yes, I would consider myself a troll at this point, but who wouldn't? This is your brain...this is your brain after working with Blaster for five days and now you've got Sobig choking your server. Sounds like a bad Mardi Gras experience. Too bad it just wasn't that fun.
14 posted on 08/19/2003 11:40:13 PM PDT by LinuxRocks
[ Post Reply | Private Reply | To 11 | View Replies]

To: boxerblues
Got AV filters on my server, problem with that is it quarantines everything, and that will fill up at the rate this is going. A guy just told me that I need a rest. I agree with him. But now I'm obsessed, and this is like some strange Twighlight Zone weird bizarre shit and it's almost funny.
15 posted on 08/19/2003 11:41:54 PM PDT by LinuxRocks
[ Post Reply | Private Reply | To 12 | View Replies]

To: LinuxRocks
Okay, but quit beating around the bush.

Tell us how you really feel.

16 posted on 08/19/2003 11:43:19 PM PDT by technomage
[ Post Reply | Private Reply | To 11 | View Replies]

To: boxerblues
Yeah, you rite. Rust never sleeps, and so it goes in the Big Easy...especially when dealing with sucky Microsoft crap.
17 posted on 08/19/2003 11:43:40 PM PDT by LinuxRocks
[ Post Reply | Private Reply | To 12 | View Replies]

To: technomage
Ok, you asked for it. Microsoft Sucks. There, did I clarify my position on the matter?
18 posted on 08/19/2003 11:44:24 PM PDT by LinuxRocks
[ Post Reply | Private Reply | To 16 | View Replies]

To: LinuxRocks
Oh yeah, I'll add this too. SCO sucks too. Darl McBride is Bill Gate's little pet Pitt Bull.
19 posted on 08/19/2003 11:45:09 PM PDT by LinuxRocks
[ Post Reply | Private Reply | To 17 | View Replies]

To: LinuxRocks
Ken - is that you?

Sorry. You sound just like someone I work with. I guess it's a common opinion.
20 posted on 08/19/2003 11:45:44 PM PDT by Gil4
[ Post Reply | Private Reply | To 11 | View Replies]

To: Gil4
Dude, my name is not Ken. My name is Eddie. I'm close to crazy now after having spent almost my whole weekend dealing with this only to find Sobig.F eating my server alive right before going to bed. You can only imagine how crazy that made me, being sleep deprived and all. I can only imagine what our troops are having to put with in Iraq.
21 posted on 08/19/2003 11:47:45 PM PDT by LinuxRocks
[ Post Reply | Private Reply | To 20 | View Replies]

To: rusty millet
Wow. And here I thought my 30+ was a lot.
22 posted on 08/19/2003 11:49:10 PM PDT by Green Knight (Looking forward to seeing Jeb stepping over Hillary's rotting political corpse in 2008.)
[ Post Reply | Private Reply | To 10 | View Replies]

To: kayak
Thanks for the ping.
23 posted on 08/19/2003 11:50:02 PM PDT by Bradís Gramma (Have YOU had your Logan Fix today?)
[ Post Reply | Private Reply | To 3 | View Replies]

To: LinuxRocks
There, did I clarify my position on the matter?

Yes. I believe I am getting a sense of what you were trying to get across.

:0

24 posted on 08/19/2003 11:50:14 PM PDT by technomage
[ Post Reply | Private Reply | To 18 | View Replies]

To: Gil4
And I'll tell you something else. This bullshit ought to server as a good f**king wake up call to everybody that Microsoft ain't got what it takes...if for usability we have to get these worms and security holes, I'll find something that is a little bit harder to use and a little more secure. There is no telling what this worm has costed businesses that I work with (and myself) in terms of productivity and downtime. It is an attrocity.
25 posted on 08/19/2003 11:50:43 PM PDT by LinuxRocks
[ Post Reply | Private Reply | To 20 | View Replies]

To: LinuxRocks
I really feel for you IT guys.
26 posted on 08/19/2003 11:53:30 PM PDT by boxerblues (God Bless the 101st, stay safe, stay alert and watch your backs)
[ Post Reply | Private Reply | To 15 | View Replies]

To: boxerblues
"Im not using Outlook and my inbox has been filled with these emails. My virus is up to date, firewall running and I cant stop them from coming in."

It is awful isn't it? And it is all because of the stupid M$ virus/worm email relay that is now on 99.9% of all desktops. The Emperor (Mr. Gates) has NO CLOTHES.

27 posted on 08/19/2003 11:54:22 PM PDT by LinuxRocks
[ Post Reply | Private Reply | To 7 | View Replies]

To: boxerblues
I am truly pissed off about this...it has gone on for way too long, and Microsoft has NOT fixed the problem. It is a constant distraction that they could fix, but they won't. And I'm sick of it, and I'm sick of them and their new licensing tricks. Sooner or later they will add their XP licensing tricks to computer hardware. I just might call it quits when that day comes.
28 posted on 08/19/2003 11:56:31 PM PDT by LinuxRocks
[ Post Reply | Private Reply | To 26 | View Replies]

To: Hank Rearden
"Outlook address book. There's your problem. That crappy program is just a virus petri dish."

One that 99.9% of all computer users use. And a problem that M$ won't fix. As the French queen once said, and as M$ says today "Let them eat cake."

29 posted on 08/19/2003 11:58:52 PM PDT by LinuxRocks
[ Post Reply | Private Reply | To 2 | View Replies]

To: martin_fierro
AdAware is really awesome. A good program for those running Microsoft Windoze, which the spyware can easily infect.
30 posted on 08/20/2003 12:01:13 AM PDT by LinuxRocks
[ Post Reply | Private Reply | To 4 | View Replies]

To: technomage
How about this one...over a year ago, Microsoft, one of the richest companies on the planet, said - this was Gates talking now - Security is TOP PRIORITY. Fast forward to mid July 2003. This bug exploited by Blaster....was it found my Microsoft? NO!!! It was discovered by a programmer in Europe who kindly reported the bug to Microsoft. How about that? For all the programmers they have working there....what do you think of their "security initiative" ?????????????
31 posted on 08/20/2003 12:05:29 AM PDT by LinuxRocks
[ Post Reply | Private Reply | To 24 | View Replies]

To: boxerblues
My virus is up to date, firewall running and I cant stop them from coming in.

I know what you mean. Had a virus a year ago that zapped my machine - had to get a new drive and start over.

Am now using the following programs - you can download a free 30 trial - I bought them all and "knock on wood" no virus.

You might check into the following on the internet:

MailWasher Pro - identifies spam, possible virus, filtered, etc., so they can be deleted before download. You can read these messages at the server before downloading.

FireTrust Benign. This reads over all E-Mail and will drop suspicious attachments. It also will rewrite some E-Mails so that all you see is the copy. No links.

Spy Sweeper - just bought this one. It's great! On my first sweep it picked up about 60 "cookies" that had been planted without my knowledge. You are able to check out each and every "cookie" - gives you an idea where it came from.

I'm rather new at this computer business so I suggest you check these programs out.

P.S. Just this evening I had an E-Mail listed as having been bounced - it had been rewritten with details I do not understand. The subject of the E-Mail was: re your details. This was referred to in the article in WND.

http://www.reuters.com/newsArticle.jhtml?type=topNews&storyID=3304287

Sorry to be so wordy!

32 posted on 08/20/2003 12:13:30 AM PDT by AnimalLover
[ Post Reply | Private Reply | To 7 | View Replies]

To: AnimalLover
Isn't it a shame, that you have to go thru all of this just to keep you computer working, and that you had an unrecoverable crash, all due to Billie Gate's SWILL called Windoze? It really sucks doesn't it? Well muliply your problems by 10, 20, 25, or 100 and you have the problems of a small business that has to support this crap on a daily basis. M$ slogan. Where do you want to go today?
33 posted on 08/20/2003 12:20:52 AM PDT by LinuxRocks
[ Post Reply | Private Reply | To 32 | View Replies]

To: AnimalLover
The "your details" subject is a Sobig.F infected message. Check it out:

http://securityresponse.symantec.com/avcenter/venc/data/w32.sobig.f@mm.html">http://securityresponse.symantec.com/avcenter/venc/data/w32.sobig.f@mm.html

An exerpt: (infected email subjects)

Subject:
Re: Details
Re: Approved
Re: Re: My details
Re: Thank you!
Re: That movie
Re: Wicked screensaver
Re: Your application
Thank you!
Your details
34 posted on 08/20/2003 12:24:32 AM PDT by LinuxRocks
[ Post Reply | Private Reply | To 32 | View Replies]

To: LinuxRocks; AnimalLover
I have all that and still they come.

For all you IT guys I promise not to bother you in the morning unless its to bring coffee & donuts
35 posted on 08/20/2003 12:29:58 AM PDT by boxerblues (God Bless the 101st, stay safe, stay alert and watch your backs)
[ Post Reply | Private Reply | To 33 | View Replies]

To: LinuxRocks
I'm close to Redmond. You want me to go kick Gates in the shin? =^)
36 posted on 08/20/2003 12:41:44 AM PDT by rockfish59
[ Post Reply | Private Reply | To 9 | View Replies]

To: LinuxRocks
Re your details - that's what hit me. I'm not sure which program caught it - MailWasher Pro or FireTrust Benign - but thank the Lord it didn't get through - just bounced.

Following is the E-Mail I received:

----------------------------------------------------------

A Disallowed attachment type was found in an Email message you sent.

This Email scanner intercepted it and stopped the entire message reaching its destination.

The Disallowed attachment type was reported to be:

Forbidden file type - Possible MS-Dos program shortcut attack

Please contact your I.T support personnel with any queries regarding this policy.

Your message was sent with the following envelope:

MAIL FROM: My E-Mail Address

RCPT TO: support@ccbill.com

... and with the following headers:

--- MAILFROM: My E-Mail Address

Received: from unknown (HELO SUGATSUN-T0TBIC) (64.105.28.232) by corpmail.cwie.net with SMTP; 19 Aug 2003 14:51:25 -0000

From: To:

Subject: Re: Re: My details Date: Tue, 19 Aug 2003 7:51:24 --0700 X-MailScanner: Found to be clean Importance: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MSMail-Priority: Normal X-Priority: 3 (Normal) MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="_NextPart_000_0A1F5821"

--- ----------------------------------------------------

This message has been processed by Firetrust Benign.

37 posted on 08/20/2003 12:46:57 AM PDT by AnimalLover
[ Post Reply | Private Reply | To 34 | View Replies]

To: martin_fierro
Thanx this is grand, the links. I had the virus about a month ago, kept spontaenously rebooting my pc. I had Norton Virus put on and Windows XP and a good firewall. Will this protect me?
38 posted on 08/20/2003 1:23:31 AM PDT by JustPiper (The Free Republic of America! "W" is our President !!!)
[ Post Reply | Private Reply | To 4 | View Replies]

To: LinuxRocks
What other Operating systems are good?
39 posted on 08/20/2003 1:25:20 AM PDT by JustPiper (The Free Republic of America! "W" is our President !!!)
[ Post Reply | Private Reply | To 9 | View Replies]

To: rusty millet
Holy Crap!
40 posted on 08/20/2003 1:27:10 AM PDT by JustPiper (The Free Republic of America! "W" is our President !!!)
[ Post Reply | Private Reply | To 10 | View Replies]

To: LinuxRocks; kattracks
Thanks for the ping. Norton has caught and quarantined 6 emails entering my Outlook program since last night that contain this virus.

Really puts me in a bad mood.....

41 posted on 08/20/2003 1:28:40 AM PDT by dansangel (America - Love it, Support it or LEAVE it!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: boxerblues
Does it just travel through email, there has to be cyber-terror going on, they promised it!
42 posted on 08/20/2003 1:30:41 AM PDT by JustPiper (The Free Republic of America! "W" is our President !!!)
[ Post Reply | Private Reply | To 12 | View Replies]

To: LinuxRocks
Couldn't anyone begin a class action lawsuit on Gates? Windows gave a patch if I understand right that was vulnerable to yet another email virus? And the patch itself reinifected many?
43 posted on 08/20/2003 1:36:23 AM PDT by JustPiper (The Free Republic of America! "W" is our President !!!)
[ Post Reply | Private Reply | To 27 | View Replies]

To: JustPiper
I dont know..not a techie. Im confused over this one. We have a new ISP so not many know my new email address and I am getting emails out the yingyang tonight with this virus attached, mostly from hotmail accounts and a few others. I can't delete them out fast enough
44 posted on 08/20/2003 1:39:33 AM PDT by boxerblues (God Bless the 101st, stay safe, stay alert and watch your backs)
[ Post Reply | Private Reply | To 42 | View Replies]

To: boxerblues
Not a techie either...thats horrible what your going through, I don't get how thats happening!
45 posted on 08/20/2003 1:48:57 AM PDT by JustPiper (The Free Republic of America! "W" is our President !!!)
[ Post Reply | Private Reply | To 44 | View Replies]

To: boxerblues
"How do you stop it short of putting a block on all incoming mail?"

Don't use "Lookout!" Get Mozilla...

http://www.mozilla.org

Other mail readers aren't compatible with the worm. Readers like Mozilla just stare stupidly at the worm without a clue as to how to run it. No run, no worm, no worries. I'm sure that other mail readers are just as incompatible with these MS worms. I happen to like Mozilla for it's anti-spam feature. It can be taught what is and isn't spam. It then moves spam off to a junk folder and deletes it after X days. (This feature has caught roughly 300 spam messages on our account over the past 7 days!)

Of course, a more radical approach is to stop using that one particularly worm-compatible operating system from the "Land of rain and espresso".

: )
46 posted on 08/20/2003 1:51:22 AM PDT by Redcloak (All work and no FReep makes Jack a dull boy. All work and no FReep make s Jack a dul boy. Allwork an)
[ Post Reply | Private Reply | To 12 | View Replies]

To: LinuxRocks
Gerald Holmes'es Why Micorsoft rules my Univrese

A laugh break might lower the blood pressure. Annoying pop-up ads, but what do you expect from "micorsoft's" leading advocate. It's old, but it's still funny.

47 posted on 08/20/2003 1:52:01 AM PDT by Gil4
[ Post Reply | Private Reply | To 25 | View Replies]

To: LinuxRocks
I bet implementation of an Islamic punishment (say amputation of hands) would stop this sh#t cold. Kind of hard to type up those viruses without fingers.
48 posted on 08/20/2003 2:28:32 AM PDT by Young Rhino (Condi Rice/Jeb Bush '08)
[ Post Reply | Private Reply | To 1 | View Replies]

To: LinuxRocks
My antivirus caught 2 emails infected with this one yesterday. I didn't know either sender. FWIW.
49 posted on 08/20/2003 3:45:45 AM PDT by Amelia
[ Post Reply | Private Reply | To 1 | View Replies]

To: LinuxRocks
I agree - MS - $ucks, but the alternatives are worse...
50 posted on 08/20/2003 4:21:02 AM PDT by epluribus_2
[ Post Reply | Private Reply | To 6 | View Replies]


Navigation: use the links below to view more comments.
first 1-5051-81 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson