[61081] in North American Network Operators' Group
Brace yourselves.. W32/Sobig-F about to mutate...
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Fri Aug 22 14:10:07 2003
To: nanog@merit.edu
From: Valdis.Kletnieks@vt.edu
Date: Fri, 22 Aug 2003 14:07:08 -0400
Errors-To: owner-nanog-outgoing@merit.edu
--==_Exmh_-80998500P
Content-Type: text/plain; charset=us-ascii
A quick heads up, if anybody hasn't heard:
At 1900GMT today, ET phones home, and picks up the next payload of
instructions. Nobody knows (yet) what they'll be, but SoBig-E erased itself,
put in a password grabber, and then installed a mail proxy for spammer use.
This one *may* just play the theme song from Bozo the Clown and erase itself,
but I severely doubt it's gonna be that nice.
http://www.f-secure.com/news/items/news_2003082200.shtml
--==_Exmh_-80998500P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQE/RlvMcC3lWbTT17ARAqjzAJ9aNw9J3wTHZ/FR35UMJRMPrOrr8QCferp0
s2dFAVkc8DOVdayYLaxr3DI=
=V6Eo
-----END PGP SIGNATURE-----
--==_Exmh_-80998500P--
