[TriLUG] N00b: Security Warning Fun
Scott Lundgren
s_l at mindspring.com
Tue Aug 19 15:45:09 EDT 2003
There's a new variant of Sobig out. This one is using a multi-threaded email
engine within it so it pumps out a lot more email:
http://news.com.com/2100-1002-5065494.html?tag=nl
The sender appears to be someone from a recognized domain name, such as
ibm.com, zdnet.com or microsoft.com. The subject line typically says "Re:
Details," "Resume" or "Thank you."
Attachment names may include: your_document.pif, details.pif,
your_details.pif, thank_you.pif, movie0045.pif, document_Fall.pif,
application.pif, and document_9446.pif.
>with this subject, some with others, but all with a .pif attachment. My
>firewall filters out .pif's so i'm not too concerned, but it's driving my
More information about the TriLUG
mailing list