Happy Birthday, SoBig

By | January 8, 2004

A press release from email security folks MessageLabs points out that tomorrow is the first anniversary of the SoBig.A worm’s debut. SoBig.A (the A bit means it was the first of a stream of worms that were somehow based on the SoBig worm) wasn’t just any kind of worm, MessageLabs point out. SoBig.A was unique in being the first virus to use convergence techniques to create maximum havoc.

Basically this means SoBig.A didn’t just do one thing. It incorporated both spamming and virus writing techniques — infecting hundreds of thousands of computers worldwide, installing open proxies on compromised machines, which were then used to disseminate spam — unknown to the users. To date, MessageLabs has intercepted 727,102 copies of the worm in 183 countries, and it continues to spread.

SoBig was so successful it’s now into version F, the most prolific virus to date. The SoBig family, MessageLabs say, has also served as the model for other viruses using convergence techniques, such as the Fizzer worm. MessageLabs predicts that this style of virus writing will be extensive during 2004.

Needless to say, this all helps blur the boundary between spammers, scammers, virus writers (and, probably, the Mob). Says David Banes, MessageLabs’ Technical Director Asia Pacific: “The success of SoBig has served as an inspiration to cyber criminals, and demonstrates what can be achieved when they work together.”

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.