Sobig gains momentum

Antivirus experts are cautioning against a new mass e-mailing worm that is spreading fast around the globe.

Identified Friday, the W32/Sobig virus was recently upgraded from low to medium risk by Network Associates – the makers of McAfee security products – due to an increase in prevalence over the past 36 hours.

According to an advisory from the company, the virus arrives in e-mail format from big@boss.com. While Network Associates warns of the potential changes to the subject line, the majority of messages read “Re: Movies,” “Re: Sample,” Re: Document,” and “Re: Here is that sample.”

The attachment presents itself as a PIF (process interchange format) file and uses one of the following filenames: Movie_0074.mpeg.pif; Document003.pif; Untitled1.pif; and Sample.pif.

According to Symantec Corp, makers of Norton Antivirus software, to combat the Sobig worm, PC users should abide by some simple rules:

– Turn off and remove unneeded services. By default, many operating systems install auxiliary services that are not critical, such as an FTP server, telnet, and a Web server. These services are avenues of attack. If they are removed, blended threats have less avenues of attack and you have fewer services to maintain through patch updates.

– Always keep your patch levels up-to-date, especially on computers that host public services and are accessible through the firewall, such as HTTP, FTP, mail, and DNS services.

– Configure your e-mail server to block or remove e-mail that contains file attachments that are commonly used to spread viruses, such as .vbs, .bat, .exe, .pif and .scr files.

– Isolate infected computers quickly to prevent further compromising your organization. Perform a forensic analysis and restore the computers using trusted media.

For more information or for removal tactics visit www.networkassociates.com, or www.symantec.com.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now