S E R V E R   S I D E
Jim Bassett's Weblog

home
geneva blog
View current page
...more recent posts

Yet another Windows virus, Sobig.f, the sixth iteration of the Sobig virus (Sobig.a, Sobig.b... Sobig.f.) Technical details of Sobig.a are here, and further details on variants .b through .e are here. Sobig.a first appeared in January 2003, followed by .b in May, and then .c, .d, and .e in June, and now .f in August.

I'm getting hammered by this one (I can't be infected *because I don't run Windows*, but I can have my mailbox completely filled with 70KB .pif win32 executables. Grrrr.)

When are people going to learn? I guess never, since they haven't already and the lesson could hardly be easier: Don't double click on any attachment you receive in email. Especially don't click on any attachment if it contains any of the following file suffixes:

ADE Microsoft Access Project Extension
ADP Microsoft Access Project
BAS Visual Basic Class Module
BAT Batch File
CHM Compiled HTML Help File
CMD Windows NT Command Script
COM MS-DOS Application
CPL Control Panel Extension
CRT Security Certificate
DLL Dynamic Link Library
DO* Word Documents and Templates
EXE Application
HLP Windows Help File
HTA HTML Applications
INF Setup Information File
INS Internet Communication Settings
ISP Internet Communication Settings
JS JScript File
JSE JScript Encoded Script File
LNK Shortcut
MDB Microsoft Access Application
MDE Microsoft Access MDE Database
MSC Microsoft Common Console Document
MSI Windows Installer Package
MSP Windows Installer Patch
MST Visual Test Source File
OCX ActiveX Objects
PCD Photo CD Image
PIF Shortcut to MS-DOS Program
POT PowerPoint Templates
PPT PowerPoint Files
REG Registration Entries
SCR Screen Saver
SCT Windows Script Component
SHB Document Shortcut File
SHS Shell Scrap Object
SYS System Config/Driver
URL Internet Shortcut (Uniform Resource Locator)
VB VBScript File
VBE VBScript Encoded Script File
VBS VBScript Script File
WSC Windows Script Component
WSF Windows Script File
WSH Windows Scripting Host Settings File
XL* Excel Files and Templates

(Above list snipped from a /. comment.)

Or, in other words, don't fucking click on any attachments! I'm getting Sobig.f as a .pif attachment, but any of these other file types *could* be vectors for virus transmission.

But really, shouldn't you just buy a Mac?
- jim 8-20-2003 6:19 pm [link] [22 comments]

older posts...