W32.Sobig.F@mm - updated statistics
Symantec Security Response - W32.Sobig.F@mm - updated statistics
Here are the latest updates on W32.Sobig.F@mm from the Symantec Security Response experts: Symantec Security Response has received a total of 6,031 submissions, of which 654 are corporate submissions and 5,377 are consumer infections.
The worm deactivates on September 10, 2003.
The last day the worm will spread is September 9, 2003. However, the deactivation date applies only to the mass-mailing, network propagation, and e-mail address collection routines.
This means that a W32.Sobig.F@mm-infected computer will still attempt to download updates from the respective list of master servers during the associated trigger period (19:00 to 22:00 UTC), even after the infection deactivation date. Previous variants of Sobig exhibited similar behaviour.
Outbound UDP traffic was observed on August 22 coming from systems infected with both Sobig.E and Sobig.F. However, the target IP addresses were either not responding, taken offline, or contained non-executable content, i.e. a link to an adult site.
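Because the update attempts outlive the deactivation date, the trigger period remains a useful hunting window. The following is an added example, not Symantec's code: it scans flow records for internal hosts sending outbound UDP between 19:00 and 22:00 UTC on more than one day. The record layout, the `10.0.0.0/8` internal range, the half-open window boundary and all sample addresses are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, time, timezone
from ipaddress import ip_address, ip_network

WINDOW_START, WINDOW_END = time(19, 0), time(22, 0)  # trigger period from the advisory (UTC)
INTERNAL = ip_network("10.0.0.0/8")                   # assumption: the monitored network

# Constructed sample flow records: ISO-8601 timestamp, source, destination, protocol.
SAMPLE_FLOWS = """\
2003-09-12T15:05:11-04:00 10.0.0.21 192.0.2.10 udp
2003-09-12T20:30:00+00:00 10.0.0.21 198.51.100.7 udp
2003-09-12T20:31:00+00:00 10.0.0.35 10.0.0.2 udp
2003-09-12T18:59:59+00:00 10.0.0.40 192.0.2.10 udp
2003-09-12T21:10:00+00:00 10.0.0.40 203.0.113.5 tcp
2003-09-14T22:00:00+02:00 10.0.0.21 203.0.113.5 udp
2003-09-14T19:00:00+00:00 10.0.0.50 192.0.2.10 udp
"""

def trigger_window_hits(flow_text):
    """Map internal source -> [(UTC timestamp, destination)] for outbound UDP in the window."""
    hits = defaultdict(list)
    for line in flow_text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue  # skip blank or malformed records
        stamp, src, dst, proto = fields
        if proto.lower() != "udp":
            continue
        if ip_address(src) not in INTERNAL or ip_address(dst) in INTERNAL:
            continue  # only internal -> external traffic is of interest
        # Normalise to UTC first: sensors often log local time with an offset.
        utc = datetime.fromisoformat(stamp).astimezone(timezone.utc)
        # No date cutoff: update attempts continue after the September 10, 2003 deactivation.
        if WINDOW_START <= utc.time() < WINDOW_END:
            hits[src].append((utc, dst))
    return dict(hits)

def repeat_offenders(hits, min_days=2):
    """Hosts seen in the window on at least min_days distinct UTC dates."""
    return sorted(h for h, seen in hits.items()
                  if len({ts.date() for ts, _ in seen}) >= min_days)

if __name__ == "__main__":
    found = trigger_window_hits(SAMPLE_FLOWS)
    for host in repeat_offenders(found):
        print(host, [(ts.isoformat(), dst) for ts, dst in found[host]])
```

A match is a lead for triage rather than proof of infection, since other software also sends outbound UDP in the evening UTC hours.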
W32.Sobig.F@mm uses a technique known as "email spoofing," by which the worm randomly selects an address it finds on an infected computer. For more information on e-mail spoofing, see the "Technical Details" outlined in the write-up located at http://securityresponse.symantec.com/avcenter/venc/data/w32.sobig.f@mm.html