Aug 20, 2003, 8:55 AM
Post #2 of 3
Here's an e-mail that I just received from Corporate Security at MCI (where I work) regarding this virus :
More info on NEW infection W32.Sobig.F@mm (McAfee)
Can't Post | Private Reply
A new variant of W32/Sobig, W32/Sobig.f@MM is a High Risk mass-mailing worm. It arrives as an email attachment with a .pif or .scr extension. When run, it infects the host computer, then emails itself (using its own SMTP engine) to harvested email addresses from the victim's machine. In addition, when it propagates, the worm "spoofs" the "from: field", using one of the harvested email addresses.Note: The worm copies itself onto the infected machine as: C:\WINNT\WINPPR32.EXE Caution: An infected email can come from addresses you recognize and may contain the following information:
- Your details
- Thank you!
- Re: Thank you!
- Re: Details
- Re: Re: My details
- Re: Approved
- Re: Your application
- Re: Wicked screensaver
- Re: That movie
- See the attached file for details
- Please see the attached file for details
Current and up-to-date VirusScan users are protected from this threat.
Learn more about W32/Sobig.f@MM:
Scan for W32/Sobig.f@MM:
"When choosing between two evils, I always like to pick the one I never tried before." - Mae West
(This post was edited by N2Futur on Aug 20, 2003, 11:28 AM)