SoBig virus variant rapidly infecting Windows machines; Macintosh unaffected

“Welcome to the summer of the worm,” writes Dennis Fisher for eWeek. “Hard on the heels of the Blaster worm outbreak, yet another version of the resilient and ever-popular SoBig virus began spreading rapidly on the Internet Tuesday morning. Known as SoBig.F, the new variant behaves much like its older siblings, infecting Windows machines via e-mail and sending out dozens of copies of itself.”

Fisher reports, “The variant began spreading early Tuesday Eastern time, and by 9 a.m. Tuesday, MessageLabs Inc. had stopped more than 10,000 copies. The virus size is approximately 73 KB, and the attachment that actually contains the malicious code can carry any one of a number of names, according to iDefense Inc., a security company based in Reston, Va… SoBig.F installs a copy of itself in the Windows registry, in a file named ‘winppr32.exe.’”

Full article here.

36 Comments

  1. The day someone can write a virus that infects Mac OS X will be the day I start believing ANYTHING the Wintel trolls on this forum insist on posting DAY AFTER DAY AFTER DAY AFTER DAY!

  2. Viruses can be written for Mac OS X. How many of you all out there are running your machine as “administrator”?

    The problem is spreading it so that it runs “automatically”.

    I’m sort of hoping I can find something in an MP3…

  3. If you use M$, you deserve what you get. Bill and his boys don’t care about their customers, once they have the money. Jeez, some people like pain or are just plain stupid. Probably a lot of both.

  4. Regarding a virus on OS X…

    Idiotic users release viruses onto their machines by blindly opening email attachments (at least among home users). Mac users are generally much less idiotic, so even if one were to successfully write a virus that were able to propagate itself outside of an individual Unix machine (includes OS X), the greater challenge would be to lobotomize enough Mac users to make it effective.

  5. In order to write malware for OS X one would have to learn a lot about OS X. That rules out most script kiddies. Let’s face it, if you understand OS X that well, how could you be so pissed at Apple that you would do such a thing?

  6. Mac OS X viruses CAN be made, but even after several years, none have been. Someday a few WILL be–but never as many as on Windows. I say this because I’ve been looking into viruses on UNIX in general–and NO flavor of UNIX has remotely the level of problems with worms and viruses that MS does.

    We’ll just have to accept that we’ll never fully be able to join the fun.

  7. Explore and enjoy–security bulletins for every OS and vendor from the US DOE:

    http://www.ciac.org/ciac/bulletinsByType/bul_vendor_list.html

    Looking at the TEN MOST RECENT bulletins for ALL flavors of Mac OS combined will take you all the way back to the 1980s! Only two for OS X–both vulnerabilities that were patched without being exploited. Both in 2001… nothing for 2002 OR 2003 for any Mac. Other UNIX versions fare nearly as well as Macs.

    The ten most recent bulletins for Windows XP alone take you back… 7 months! Lots of worms and viruses. The total for all Microsoft products is 49 bulletins… in 2003 alone.

  8. One issue with M$ worms is the COM architecture. It requires no knowledge of the internals of the Windows system for a worm to ask – say – WinZip to unzip a virus, Windows to launch the application, and Outlook to send a replica of the zipped virus to everyone in its address book as an attachment.

    On OS X (and Unix) the same author would practically have to know every detail of how to interoperate with all those internals. Not so easy.
    That’s a very simplistic explanation but contains the essential lines.
    An AppleScript can do basically most of those things but not invisibly: i.e. you would see applications launched in front of your eyes rather than behind the scenes, and that renders things less effective: practically all applications on OS X ask the owner for permission, like: where do you want to unstuff this?, shall I delete that?, do you want to send this message now?
    Sure, there might be some Macs configured with all the default replies set via preferences, but those are certainly not going to be the majority. On Windows everything (from a worm) can be commanded without the user even noticing an application is doing what the worm has asked it to do. On a Mac the worm would need much more user-cooperative real-time interaction in order to complete its work.

  9. Oh yes, forgot: some Windows PCs got MSBlastered. Now the enforced policy is to shut down Windows computers whenever they are left unattended. LOL

    Don’t you love it? Can’t stop giggling and my Windows colleagues cannot but look at the floor when I pass by LOL

    They shut down at EVERY coffee LOL
