Page 1 of 3 123 LastLast
Results 1 to 25 of 54
  1. #1
    ABW Ambassador
    Join Date
    January 18th, 2005
    Posts
    1,663
    We've gotten over 100 spam messages with .pif attachments over the last hour. We've also gotten 5 messages from mail systems stating that they've received emails with attachments containing viruses, indicating that our email addresses are being used to send some of these.

    Needless to say, don't open any attachents in emails from strangers, especially .pif files.

    Wayne

  2. #2
    ABW Ambassador
    Join Date
    January 18th, 2005
    Posts
    767
    I got some of those, too.

    Irma

  3. #3
    ABW Ambassador mousejockey's Avatar
    Join Date
    January 18th, 2005
    Posts
    2,494
    I've just received a heap of them too..what's going on

  4. #4
    Member
    Join Date
    January 18th, 2005
    Posts
    144
    Yep - over 300 for me so far. Most have these subject lines:

    Thank you!
    Your details
    Approved
    Wicked screensaver
    Your application

    Also the same above with "RE: " prefixed

  5. #5
    ABW Ambassador
    Join Date
    January 18th, 2005
    Location
    Nunya, Business
    Posts
    23,684
    Yeah, noticing same thing. Find them, put them in jail.

    I work in lounge pants

  6. #6
    Full Member
    Join Date
    January 18th, 2005
    Posts
    297
    Same here, apparently I've 'sent' out over a hundred of these. Im getting autoreplies with peoples' 'out of office' messages. what a mess!

    Sal @ PHATBargains.com

  7. #7
    ABW Ambassador
    Join Date
    January 17th, 2005
    Posts
    2,160
    Same here. Only 2 so far though.

    Mad Doctor Gfufy

  8. #8
    ABW Ambassador CDC's Avatar
    Join Date
    January 18th, 2005
    Posts
    751
    I'm getting a lot of them!

  9. #9
    ABW Ambassador
    Join Date
    January 18th, 2005
    Posts
    2,419
    Holy cow - Same here. What a waste!

    ===============================
    PeePee merchants with PooPoo policies allow our earnings to be flushed down the crapper.

    Why give parasites unlimited cookie durations and credit for sales where they divert our users and overwrite our cookies. PP merchants directly support what many consider unfair trade practices and thievery!
    ===============================

  10. #10
    2005 Linkshare Golden Link Award Winner  ecomcity's Avatar
    Join Date
    January 18th, 2005
    Location
    St Clair Shores MI.
    Posts
    17,328
    I'm getting them too. Love to find the perp and hook his nipples up to my car battery and make him dance the jig.

    Mike & Charlie ...

    If they won't adopt and feed a bird ..flip them one! BBQ some Gator and remember to flush WhenU..

  11. #11
    Full Member
    Join Date
    January 18th, 2005
    Posts
    347
    It's called SoBig.F.

    Apparently it started in Norway today, with as much as 33% of the activity coming from Norway in the early hours of the attack.

    It has now spread around the world in a matter of hours.

    Read more here.

  12. #12
    ABW Adviser Panel Dynamoo's Avatar
    Join Date
    January 18th, 2005
    Location
    Opposite the Slough of Despond
    Posts
    5,465
    Easy enough to stop, it's like Sobig.D (Sobig.E is harder becuase it uses ZIP files).

    Combine that with the ping storms that the Nachi worm is creating, plus the remaining MSBlast worms probing at port 135 and it's noisy out there.

    Incidentally, I'm getting one "ping" for every port 135 probe. MSBlast is losing this one but I'm getting a ping every 3-4 seconds now.

    ________
    All your commission are belong to us.
    Check out the latest Homeland Security press releases.

  13. #13
    ABW Ambassador
    Join Date
    January 18th, 2005
    Posts
    1,205
    Over 1000 here at my day job. About 60 bounce notices saying they won't let the attachment through.

    Made me curious: I did a search on my file system and in my registry for whatever the name of the file was. I'm clean. :whew:

    Consistency is the key to a winning season.

  14. #14
    ABW Ambassador
    Join Date
    January 18th, 2005
    Location
    Nunya, Business
    Posts
    23,684
    Dynamoo this one is Sobig-F

    "Like other variants of Sobig, the worm is programmed to stop working on a particular date. Sobig-F is designed to quit on Sept. 10."

    "Sobig-F is the latest variant of the Sobig worm to be detected spreading rapidly throughout the wild. The newest variant was first detected Monday, Aug. 18 and appears to have originated in the United States, according to analysts from MessageLabs, Inc., an anti-virus company based in New York.

    Sobig-F is a mass-mailing worm that can also spread via network shares, according to Sophos, Inc., an anti-virus company based in Lynfield, Mass. When it arrives via email, the worm poses as a PIF or SCR file.

    ''The author of the Sobig worms has pulled this particular confidence trick several times before,'' says Graham Cluley, senior technology consultant for Sophos. ''Many users know to be cautious about running unsolicited EXE files, but they should be equally wary about running PIF files or screensavers. All computer users should exercise caution when deciding what is safe to run on their computers.''

    Analysts report that the sender's address is spoofed. The subject lines used are taken from a list, including 'Re: That movie', 'Re: Wicked screensaver', 'Re: Approved' and 'Your details'.

    Like other variants of Sobig, the worm is programmed to stop working on a particular date. Sobig-F is designed to quit on Sept. 10.

    ''Putting a 'dead-date' on his viruses suggests that the Sobig author is effectively test-driving his creations to see which tricks work best from the technical and psychological point of view,'' explains Cluley. ''Releasing Sobig variants on different days of the week, and using slightly different subject lines and filenames, suggests that the worm's author may be trying to find the 'perfect' conditions under which his viruses can spread most quickly.''

    The Sobig family of worms has been a major problem for IT managers, wreaking havoc on the Internet for months now. Last month, Sophos reported that the Sobig family accounted for more than half of all virus reports for July.

    Five Sobigs have been released this year. Sobig-E, a new variant, accounted for 47.8 percent of all worm and viruses incidents reported to Sophos last month. And it accounted for nearly 18 percent at Central Command, Inc., an anti-virus company that also tracks the worst virus offenders.

    Sophos analysts report that, combined, the Sobig worms have had the biggest impact on business networks so far this year."

  15. #15
    Full Member
    Join Date
    January 18th, 2005
    Posts
    390
    I've gotten slaughtered at my work, Yahoo, and web site emails. Thank goodness SpamNet is installed at work.

    This is frigging insane....

  16. #16
    ABW Ambassador
    Join Date
    January 18th, 2005
    Location
    UK
    Posts
    539
    i have had the same, loads!!! i have also had people emailing me asking why i am sending them emails and who am i??

    how can people be using one of my email address?? i have checked my viruss i am fine!!

    whats going on?

    And people say I'm just a housewife!!! ha ha

  17. #17
    ABW Adviser Panel Dynamoo's Avatar
    Join Date
    January 18th, 2005
    Location
    Opposite the Slough of Despond
    Posts
    5,465
    Yeah I know it's Sobig.F.. I was just saying, it's more like Sobig.D in that it uses PIF and SCR so is easy to stop if your firewall strips these out. We had problems with Sobig.E because it uses ZIPs, but F doesn't.

    Not had a single one at home. A couple of people got hammered at work. Couldn't determine the source IP properly though.. weird.

    ________
    All your commission are belong to us.
    Check out the latest Homeland Security press releases.

  18. #18
    ABW Ambassador
    Join Date
    January 18th, 2005
    Location
    Palm Springs, CA
    Posts
    866
    So far 7 of my sites have had their email addresses spoofed and I'm getting tons of mail delivery notification errors. What a mess.

    Kip

  19. #19
    ABW Ambassador
    Join Date
    January 18th, 2005
    Posts
    1,133
    I wondered if if was just me, GUESS NOT! They just keep coming in in wave after wave too. Some type of email virus I assume, spreading via people contact lists in outlook....

  20. #20
    ABW Adviser Panel Dynamoo's Avatar
    Join Date
    January 18th, 2005
    Location
    Opposite the Slough of Despond
    Posts
    5,465
    Tamalyn, the "from" address is faked. Most likely it's being sent by someone you know. A close look at the mail headers might give you a few clues, but most likely not.

    We had to push out TWO virus updates today.. first time ever. One for the Nachi worm and one for Sobig.F.

    ________
    All your commission are belong to us.
    Check out the latest Homeland Security press releases.

  21. #21
    ABW Ambassador
    Join Date
    January 18th, 2005
    Location
    Nunya, Business
    Posts
    23,684
    Ah, sorry Dynamoo, read that wrong. So all of these Sobig worms are the work of 1 guy? That always amazes me how somebody can get away with this. How there are all these companies out there and they can't get this 1 person or maybe more that 1 person.

  22. #22
    ABW Ambassador flamingoworld's Avatar
    Join Date
    January 18th, 2005
    Posts
    5,208
    I have gotten several hundred also.
    What a pain in the @ss.

    Connie Berg
    http://www.flamingoworld.com


  23. #23
    ABW Adviser Panel Dynamoo's Avatar
    Join Date
    January 18th, 2005
    Location
    Opposite the Slough of Despond
    Posts
    5,465
    We'll probably see our old friend Bugbear again soon. <sigh>

    Still, touch wood, I've never had a virus infect my PC. I don't use Outlook or Outlook Express, I use Eudora, and I have ZoneAlarm stripping off the executables. My spam filter, SpamCop picks up anything coming in that way, and I always have my patches up to date. Odd thing is that I hardly ever remember to update my anti-virus signatures, but with all the other layers of defence it's not a problem.

    ________
    All your commission are belong to us.
    Check out the latest Homeland Security press releases.

  24. #24
    Affiliate Manager
    Join Date
    January 18th, 2005
    Posts
    691
    Same here. The most recent one I got had a return address of ...@hol.gr. While I didn't know the sender, I did know someone from that domain. So I'm thinking it got sent out through his address book.

  25. #25
    ABW Ambassador
    Join Date
    January 18th, 2005
    Location
    UK
    Posts
    539
    i have defintely not got any of the virus, i never even got the ms blast thing as I am on win me!! knew it was good for something - lol

    I have got norton - which has bit updated earlier, and i have aslo ran the stinger from mcafee, its really annoying when stupid idiots do this!!

    they should do something more constructive with their talents!!

    And people say I'm just a housewife!!! ha ha

+ Reply to Thread
Page 1 of 3 123 LastLast

Similar Threads

  1. Spam-Virus Flood
    By Jane in forum Virtual Family and Off-Topic
    Replies: 3
    Last Post: April 8th, 2004, 12:27 AM
  2. Year-End Blitz at StylinEyes.com! BIG SAVINGS!
    By ATKOgirl in forum Couponer's Corner
    Replies: 1
    Last Post: December 4th, 2003, 10:38 AM
  3. WhenU, Spam, and Virus
    By Kellie aka Ms. B in forum WhenU
    Replies: 2
    Last Post: July 8th, 2003, 03:42 PM
  4. "Virus turns PCs into spam machines"
    By Dynamoo in forum Spam
    Replies: 7
    Last Post: June 27th, 2003, 02:06 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •