[61089] in North American Network Operators' Group
Re: Brace yourselves.. W32/Sobig-F about to mutate...
daemon@ATHENA.MIT.EDU (Fergie)
Fri Aug 22 14:43:13 2003
X-Original-From: "Fergie" <fergdawg@netzero.net>
Date: Fri, 22 Aug 2003 18:41:02 GMT
To: Valdis.Kletnieks@vt.edu
Cc: nanog@merit.edu
From: Fergie <fergdawg@netzero.net>
Errors-To: owner-nanog-outgoing@merit.edu
Let's not get too spooked -- this is yet another annoyance
that exemplifies just how ludicrous the virus writer's
"one-upmanship" really can get, something which has been
around for quite some time.
Thanks for the heads-up, which is (in my opinion) the appropriate
response -- anything resembling panic, scare tactics, or a
"Charlie Foxtrot", would only contribute to the problem.
It seems like that has become the norm (charlie yada), and
as engineering folk, we need to be more objective. :-)
Let's make sure we put this into the proper perspective and
not contribute to the hype. Does that sound fair? (This is merely
a general statement/question and not directed to Valdis.)
Cheers,
- fergie
Valdis wrote:
A quick heads up, if anybody hasn't heard:
At 1900GMT today, ET phones home, and picks up the next payload
of instructions. Nobody knows (yet) what they'll be, but SoBig-E
erased itself, put in a password grabber, and then installed a
mail proxy for spammer use.
This one *may* just play the theme song from Bozo the Clown
and erase itself, but I severely doubt it's gonna be that
nice.
http://www.f-secure.com/news/items/news_2003082200.shtml
