Video | Business Headlines | Internet | Science | Scientific Ethics | Technology | Search


W32.Sobig.F@mm upgraded to Level 4 (severe)

Symantec Security Response continues to monitor Sobig.F. With the payload set to trigger today - Friday, Aug. 22 (Backdoor Trojan), Symantec Security Response has upgraded the threat to a level 4 on a scale of 1-5, with five being the most serious.

To help put this threat in perspective, the following may be of use to you:

· Klez.H -- At its peak, Symantec Security Response recorded 4,516 submissions per day. This threat peaked two weeks after it was discovered.

· BugBear.B -- At its peak, Symantec Security Response recorded 4,812 submissions per day. This threat peaked two days after it was discovered.

· BadTrans -- At its peak, Symantec Security Response received 3,709 submissions per day. This threat peaked seven days after it was discovered

"While Blaster and Welchia primarily impacted large enterprises, Sobig.F is predominately affecting consumers and small businesses," said Richard Batchelar, Country Manager, Symantec New Zealand. "Computer users should be reminded of computer security best practices and should not open attachments unless they are expecting them."

W32.Sobig.F@mm is a mass-mailing, network-aware worm that sends itself to all the email addresses that it finds in the files with the following extensions:


The worm utilises it's own SMTP engine to propagate and will attempt to create a copy of itself on accessible network shares. The email will have a Spoofed address (which means that the sender in the "From" field is most likely not the real sender). The worm may use the address as the sender.

The worm has a payload which outlines that according to UTC time, the day of the week must be Friday or Sunday and the time of day must be between 7pm and 10pm UTC (making it 7am to 10am on Saturday or Monday in New Zealand). During the payload, the author of the virus may download various files - including confidential information such as passwords. The author can also set up spam relay servers on infected computers and send out information to an undefined address. The virus deactivates on September 10, 2003. The worm de-activates on September 10, 2003. The last day on which the worm will spread is September 9, 2003.

Additional technical details and a removal tool for this worm may be found at -

Although Symantec Security Response is receiving approximately 1,800 submissions per day, Symantec's experts are not seeing the level of activities of past threats.


© Scoop Media

Business Headlines | Sci-Tech Headlines


Half A Billion Accounts: Yahoo Confirms Huge Data Breach

The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers. More>>

Rural Branches: Westpac To Close 19 Branches, ANZ Looks At 7

Westpac confirms it will close nineteen branches across the country; ANZ closes its Ngaruawahia branch and is consulting on plans to close six more branches; The bank workers union says many of its members are nervous about their futures and asking ... More>>

Interest Rates: RBNZ's Wheeler Keeps OCR At 2%

Reserve Bank governor Graeme Wheeler kept the official cash rate at 2 percent and said more easing will be needed to get inflation back within the target band. More>>


Half Full: Fonterra Raises Forecast Payout As Global Supply Shrinks

Fonterra Cooperative Group, the dairy processor which will announce annual earnings tomorrow, hiked its forecast payout to farmers by 50 cents per kilogram of milk solids as global supply continues to decline, helping prop up dairy prices. More>>



Meat Trade: Silver Fern Farms Gets Green Light For Shanghai Maling Deal

The government has given the green light for China's Shanghai Maling Aquarius to acquire half of Silver Fern Farms, New Zealand's biggest meat company, with ministers satisfied it will deliver "substantial and identifiable benefit". More>>


Get More From Scoop

Search Scoop  
Powered by Vodafone
NZ independent news