This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

OT: Sobig (was Re: Observation on the recent junk mail flood)


It's not an e-terrorist, it's an Outlook virus randomly picking from:
and to: addresses from its address book.

I do not think any bogus subscriptions actually succeeded.

zw

As a point of clarification, the Sobig.F virus, which is causing this mess, is not an Outlook virus. It is a Win32 executable that searches your hard drives for strings of the form *@*.* in a whole range of files including .txt and .htm{,l}.


It then connects to the default SMTP server and sends itself to all the addresses it finds using a random From: address from that same generated list. The headers that it uses are forged to make it look like it came from MS Outlook.

Since it is not Outlook based, this executable could conceivably run under WINE; so Linux users should not think that they are guaranteed safe from infection.

Kelley Cook -- with my CISSP hat on.



Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]