.... Internet marketing resources, ecommerce web site design tutorials
  Taming the Beast - quality web marketing and ecommerce development services .... .

 

Click here to return to Taming the Beast's Home Page

Ecommerce & Web Marketing Ezine.
August 24, 2003 

View the TTB Ezine Archive

Welcome to our new subscribers!

SoBig Summer Tour 03

Phew, what a week this has been. As so many people have been affected by viruses in the last few days, I'm putting off sending this ezine edition to our email lists. I know that we've had enough to contend with in our own inboxes.

I've been around the Internet for some time now, but never have I seen an email virus create so much havoc to our systems. Even Klez was a minor irritation compared to the SoBig.f virus.  While we weren't infected, the amount of emails thrown at our domain was staggering - over half a gigabyte of infected mail in under two days - and it's still pouring in.

At this point in time, I can't use Outlook to directly check my mail. I need to screen it via webmail first so that we don't wear a massive excess bandwidth bill from our ISP - which would have been in the vicinity of around US$200 extra for this month. Usually we remain well inside our quota.

SoWhat?

What's the big deal? It's just another email virus right? Wrong. This is a sixth generation SoBig variant - each one more disturbing and active than the last. SoBig.F is the fastest spreading email virus in the history of the web.

SoBig.F spreads when computer users open file attachments in infected e-mails that contain the subject lines:

  • Re: Details
  • Re: Approved
  • Re: Re: My details
  • Re: Thank you!
  • Re: That movie
  • Re: Wicked screensaver
  • Re: Your application
  • Thank you!
  • Your details

Once the file is opened, SoBig.F scans the infected computer for email addresses and signs the e-mail using a random name and address. The mailer application within the virus is particularly robust and can produce infected emails at an alarming rate.

This current mutation is scheduled to stop functioning in September - meaning that the virus writer has plans to release another one. The damage created by SoBig in terms of downtime will run into hundreds of millions of dollars before it is finished. 

Well over 1 million computers were infected within the first couple of days. We had a spate of emails from *one* user coming in at the rate of 100 an hour. We managed to have that email address blocked, but by the next morning as the infection spread throughout the world it became absolutely impossible to track origins and take action. For us, it means we've lost a couple of hours each day in dealing with it.

SoBig, SoBad, SoUgly

The scary thing about SoBig is that is just a taste of things to come in virus evolution. It also had some pretty nasty features that were discovered some time after the AV companies had identified the virus and released updates for their clients.

A massive hunt was undertaken in a number of countries to switch off 20 home PCS with broadband connections that were scheduled to be targeted by hundreds of thousands of computers infected by Sobig.F at 1900 GMT on Friday.

Security boffins discovered late on Thursday night that the Sobig.F virus was programmed to tell infected machines to contact these 20 computers to download an unidentified program. At this point, they still didn't know what the program was, and the consequences could have been disastrous - even just from these infected machines contacting the "host" computers. The traffic created by this contact would have been staggering. Luckily, all these machines were located and it turned out that the mysterious download was nothing more than the address for an adult site.

At one point, it was estimated that one in seventeen emails floating around the 'net was the SoBig.F virus. It is also feared that the worst may be yet to come as people in the Northern Hemisphere return from vacation and check their email. It's currently estimated that 30% of systems in China are infected due to the overall lack of technical knowledge held by Chinese Internet users.

Where did SoBig come from?

The FBI has subpoenaed an Internet Service provider based in Arizona so they can trace SoBig. The virus is thought to have been first communicated via an adult UseNet group accessed via the Arizona ISP. It's still not known where the virus writer originates from.

What will the next SoBig variant do?

Nobody knows, and this incident has shown that that it's probably important that all hosting services and ISP's start examining what they can do on the server side of things to minimize the effects of a similar virus being released. Thousands of ISP's have been slowed to a crawl in recent weeks due to the combined effects of SoBig and MSBlast. If the SoBig programmer isn't caught, the next time around may be even more serious. 

Due to SoBig, MSBlast and a couple of other current viruses, the infrastructure of a number of large corporations and organizations has been affected. It's rumored that even the New York Times was brought to its' knees during this onslaught and I read a report on Saturday evening that the City of Ottawa's government systems were also affected.

Anti-virus software.

It still surprises me that many people in tech savvy countries do not run AV software. In some cases it's due to ignorance and in other due to financial constraints. I've mentioned often in the last 18 months that there is a free solution available - AVG AntiVirus. AVG has successfully protected us against tens of thousands of viruses in the last one and a half years. You can download a free version from the GriSoft site:

http://www.grisoft.com 

Remember to update your anti-virus software.

It's of very little use to have AV software if you don't update it regularly. It's very important to understand your software - spend some time reading the appropriate documentation. Also bear in mind that your anti virus software should be considered the last line of defense, not the first. If you are using MS Outlook or Outlook Express, ensure that you turn off your message preview window as many viruses can execute via the preview pane without you needing to fully open the message.

Further SoBig information

For a technical overview of the SoBig virus and removal advice:

http://securityresponse.symantec.com/ avcenter/venc/data/w32.sobig.f@mm.html 

It's also been interesting to watch the progress of this and other viruses via our real-time virus tracker map feature:

http://www.tamingthebeast.net/misc/virustracker.htm 

(for an added update on SoBig from us - click here)

New articles on Taming the Beast.

Anchor Text - it's how you link that counts.

In recent times it's becoming more and more apparent that being linked from other related quality sites isn't the be all and end all in terms of rankings - it's also how you are linked that counts. My latest article on the importance of anchor text can be viewed here:

http://www.tamingthebeast.net/ articles3/anchor-text-optimization.htm 

Marketing and productivity tools downloads

Web macro software - there's many tasks we perform each day as part of our online business practices that can be automated. The award winning Iopus Internet Macros was one of the first macro packages designed for the web - learn more about it here:

http://www.tamingthebeast.net/ tools/web-macro-software.htm 

Have an affiliate program? Looking for an effective way to boost the number of "super affiliates" you recruit? Check out the Super Affiliate Generator:

http://www.tamingthebeast.net/ tools/recruit-affiliates.htm 

Wanting a mailing list solution that won't require a second mortgage? We've reviewed a number of solutions. Read our results here:

http://www.tamingthebeast.net/ tools/autoresponder-software.htm 

That's it for this issue. Thanks for taking the time to read the ezine, I hope that you are finding the information of value.

Other resources on Taming the Beast.net

Search engine optimization tutorials

General web marketing & promotion articles

Online business security articles and tools

Affiliate marketing strategies and tutorials

Ecommerce tutorials and guides.

Web development tutorials and articles

Michael Bloch
Taming the Beast.net
http://www.tamingthebeast.net
Tutorials, web content, tools and software
Web Marketing, eCommerce & Internet solutions. 
____________________________

 

Home

 

Get paid cash taking online surveys - free to join online 
survey companies that will pay you cash for your opinion!

In Loving Memory - Mignon Ann Bloch

copyright (c) 1999-2011  Taming the Beast  Adelaide - South Australia 

Profile - Contact - Privacy - Consultants Portfolio 

Search Site - Terms of Service - Social/environmental