Excite Computers and technology
APReutersNew York TimesMSNBCUSA TodayAP Hi Tech

SoBig Virus Is So Worrying for Computer Users
 Email this story

Aug 21, 10:01 am ET

By Bernhard Warner, European Internet Correspondent

LONDON (Reuters) - A new computer virus feared to be the most potent ever spread like wildfire Thursday, sending e-mail networks crashing and frazzling technicians already overstretched by a plague of computer bugs.

The SoBig virus spreads when unsuspecting computer users open file attachments in e-mails that contain such familiar headings as "Thank you," "Re: Details" or "Re: approved."

Once the file is opened, SoBig, which first appeared Monday, scours the computer for e-mail addresses, checking in Word documents, Internet logs and e-mail inboxes.

Designed like mass-mailing spam programs, it then sends scores of messages to the addresses it has collected.

MessageLabs, a British-based Internet security firm, said one in 17 e-mails sent around the world since Monday had been affected by SoBig.

MessageLabs' chief information analyst Paul Wood said it was feared that it could increase global e-mail traffic by as much as 60 percent, slowing the Internet to a crawl.

"It's unprecedented in our history. We stopped over one million (infections) in the first day," he said.

"It's a pretty frightening statistic. And the next incarnation could be even worse."

Technicians have been scrambling for the past week to fend off the most concentrated digital onslaught ever seen.


The outbreak began 10 days ago with the so-called "Blaster" or "LovSan" worm which, by some estimates, infected more than 500,000 computers running the latest version of Microsoft Windows, the world's dominant operating system.

A "worm" is another kind of program that infects computers. Viruses tend to be spread via e-mail, bogging down corporate e-mail systems in particular, but then also weighing down the Internet through the e-mail traffic that it carries. worms travel through ordinary Internet connections searching for machines to infect.

This week, the "Welchia" or "Nachi" worm surfaced. It masquerades as a benign program that attempts to fortify computers against infection from Blaster.

But it packs a punch. It clogs computer networks, slowing Internet connections and even knocking systems offline. Nachia's victims include the European engineering firm ABB, Air Canada and the U.S. Navy and Marine Corps.

Thursday, experts in Asia and Europe were again urging computer users to shore up their machines with anti-virus software and to delete suspicious-looking e-mails, hoping that preventive medicine would stop this wave before the next round.

"This has gone to a whole new level. To have this sort of barrage coming at you is a nightmare for an IT technician who has to take care of a corporate network," said Graham Cluley, senior technical consultant for security firm Sophos Anti-Virus.

This version of SoBig, which is in its sixth incarnation, is programmed to expire on September 10.

 • E-Commerce Solutions
 • Get a Domain Name
 • Web Site Hosting
 • Internet Access

 Click here to email this page to a friend