TCH-Andy Posted June 26, 2003 Share Posted June 26, 2003 Whilst I don't normally post warning of viruses, I have found 3 example of this coming to me so far today. Whilst Total Choice Hosting stops many attachment types, it does not stop ZIP files. This is an unusual virus, in that it spreads in a zip file. A typical email has the following format: Subject line: Re: Movie or Re: Application Message text: Please see the attached zip file for details Attached file: your_details.zip Unzip at your peril - it may be Sobig worm, says SophosSophos's customer support service has received many reports from businesses attacked by the latest variant of the Sobig worm. W32/Sobig-E, first seen 25th June, is the fifth variant of the Sobig worm - but varies from its older siblings as it spreads itself in the form of a ZIP file. Even though the user has to unZIP the offending file and launch its content to become infected, some business networks are still falling victim to the worm. Sophos advises all businesses to keep their virus protection up-to-date and educate their users about the perils of unsolicited code. "Sobig-E is different from your typical worm as it spreads as a ZIP file. This means even if a company has a forward-thinking security policy of blocking executable code - the usual carrier for email worms - Sobig-E can sneak past and dupe people into running its code," said Graham Cluley, senior technology consultant for Sophos Anti-Virus. "The best defence against Sobig-E is to get into the habit of never running unsolicited code and keep your email gateway and desktop virus protection up-to-date." Sobig-E is programmed to fall dormant on 14 July, indeed all the Sobig worms have had limited lifespans. If the virus writer continues with this pattern, Sophos says it would not be surprised if a sixth version of the worm were released shortly after the demise of Sobig-E. Sophos issued protection against the W32/Sobig-E worm at 16:35 GMT on Wednesday, 25 June 2003. Andy Quote Link to comment Share on other sites More sharing options...
boxturt Posted June 26, 2003 Share Posted June 26, 2003 Thanks Andy Quote Link to comment Share on other sites More sharing options...
TCH-JimE Posted June 26, 2003 Share Posted June 26, 2003 Hi, I ought to point out that if you recieve any email with an attachement that your not sure about, or do not reconise the address, delete it, don't open it. Even if it says "support@microsoft.com" don't open it! Microsoft never sends out support like that. Jim Quote Link to comment Share on other sites More sharing options...
imadsurfer Posted June 26, 2003 Share Posted June 26, 2003 I agree totally. Never open an attachment that you don't know from whence it came. Even if the address is from somebody you know, don't open it until you have contacted them to see if they really did send it. Spoofing addresses is easily done..... ImaD Quote Link to comment Share on other sites More sharing options...
TCH-Don Posted June 26, 2003 Share Posted June 26, 2003 Yes, thank you Andy, Symantec web site info on W32/Sobig-E Quote Link to comment Share on other sites More sharing options...
TCH-JimE Posted June 26, 2003 Share Posted June 26, 2003 Hi, I had mcaffee bleeping at me early this morning when I was downloading that email. There are many cheap and even free virus checkers out there folks, its one of the few investiments that I would urge everyone to make sure they have, and make sure its scans email and that you keep it up to date Jim Quote Link to comment Share on other sites More sharing options...
TCH-Don Posted June 26, 2003 Share Posted June 26, 2003 There is nothing like the thrill of hearing a warning alarm from your anti-virus program as you are checking your email. And you see it has quarantined your email. It happened to me last summer, when my sister got the Klein virus. Before I blocked the email address she uses for me, I got about 50 virus emails supposedly from everyone in her address book. I leave my anti-virus program update automatically now. Quote Link to comment Share on other sites More sharing options...
TCH-Andy Posted June 26, 2003 Author Share Posted June 26, 2003 I must agree with you Turtle, the chirp of the alarm as it sucks the virus off to be dealt with is a most satisfying sound. Nerd Whip woooot Quote Link to comment Share on other sites More sharing options...
Samrc Posted June 26, 2003 Share Posted June 26, 2003 I received a similar warning from Trend on our corporate network today. It captures the offensive attachments with no sound, but my Norton at home has a lovely popup to tell me it protected me from hazard. Wouldn't run a machine these days without protection. Like the avatar imaD! -Samantha Quote Link to comment Share on other sites More sharing options...
TCH-Don Posted June 26, 2003 Share Posted June 26, 2003 Yes ImaD, is that what a super fast machine looks like Quote Link to comment Share on other sites More sharing options...
TCH-Sales Posted June 26, 2003 Share Posted June 26, 2003 I got the same darn email too yesterday. Thankfully I wasn't so tired that I didn't catch it in time, and I eleminated the problem. Good to keep everybody informed though! Thumbs Up Quote Link to comment Share on other sites More sharing options...
imadsurfer Posted June 26, 2003 Share Posted June 26, 2003 The avatar is a pic I made when I tried to load WinXP Pro on my server... ImaD Quote Link to comment Share on other sites More sharing options...
TCH-Don Posted June 26, 2003 Share Posted June 26, 2003 LOL, I undestand. I Love it. Quote Link to comment Share on other sites More sharing options...
greatfolios sysop Posted June 27, 2003 Share Posted June 27, 2003 received in the inbox today.... re:movie from veritas123 (didn't reccognise who it was from so I looked at properties and it had no text in the body, I knew it was trouble.... (poof, delete!) missed me again! Quote Link to comment Share on other sites More sharing options...
imadsurfer Posted June 27, 2003 Share Posted June 27, 2003 I like the new ones that I've been getting lately. They come as mail I've supposedly sent that is being returned......Pretty sneaky, but almost always when I send mail I know I've done it... ImaD Quote Link to comment Share on other sites More sharing options...
TCH-JimE Posted June 27, 2003 Share Posted June 27, 2003 Hi, I have that problem too, problem is that I send so many emails a day, I have to sit and look at the address, but then it goes in the bin. If someone really needs something that I haven't sent them, they will call me! Jim Quote Link to comment Share on other sites More sharing options...
Head Guru Posted June 27, 2003 Share Posted June 27, 2003 I think I have gotten about 200 of these emails today. Argh! Quote Link to comment Share on other sites More sharing options...
imadsurfer Posted June 27, 2003 Share Posted June 27, 2003 Yeah...aren't they fun? Yuck! ImaD Quote Link to comment Share on other sites More sharing options...
ohBhoy Posted July 1, 2003 Share Posted July 1, 2003 I have been talking to Rick at tech support mostly all day today about this. I received the first one Friday, June 27, 2003 3:59 PM, mountain time. It freak me out for the sender or should I say the site that bounced back that e-mail was a I AM A SPAMMER site. See I am a decent person and never do that kind of thing then suddenly got an e-mail that they couldn't accept the zipped file I gave them because it has a virus?. My first thought was somebody hacked my e-mail and somebody has been using my account to spread viruses or using my account to get access to unlawful or illegal sites. Oh BTW, nice tech support you got here! Quote Link to comment Share on other sites More sharing options...
imadsurfer Posted July 1, 2003 Share Posted July 1, 2003 Hey ohBhoy, It looks like this was your first post, so welcome to the Forums. It's just like a big family on here, and the support is bar-none the best in the biz. If this family doesn't already know the answer (which is rare!) they will find it somewhere and get back to you... Sorry to hear about your e-mail, but it could have been worse. It could have shown being bounced back from the IRS! ImaD Quote Link to comment Share on other sites More sharing options...
ohBhoy Posted July 2, 2003 Share Posted July 2, 2003 Thanks for the welcome. Yeah scary was an e-mail you never sent bounced back to you! If from the IRS and I knew I sent it, it could have been better. I am just glad my toy here never got the disease or else I will be sick too. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.