This August has seen two massive virus attack, with the MSBlaster followed by Sobig. Sobig is believed to have a motive other than causing damages. It creates a large number of compromised computers, which is ideal resources for email spammers to relay spams. LURHQ has analysed the virus in a series of articles, from the first Sobig.a to Sobig.e to the now well known Sobig.f. It describe how Sobig transforms itself from an email attachment to a trojan proxy server using a sophisticated multi-staged technique to elude effort to block it. Evidently spammers is associated with high-tech crime network profiting from computer vulnerability.
2003.08.29 comments -