|
Worm/Sobig.F May Establish a Trojan Cyber Army for Possible Attack; Potentially Millions of Computers Awaiting Instructions
Worm/Sobig.F de-activates spreading on September 10, 2003, next possible Sobig variant expected on or near September 11, 2003
Central Command, a provider of PC anti-virus software and services, cautions Internet users of the next possible Sobig cyber attack on or about September 11th, 2003. Discovered on August 19, 2003, Worm/Sobig.F is estimated to have infected millions of systems worldwide and may draw on them to be part of a cyber army focusing a digital assault against major online services.
When particular conditions are met, Worm / Sobig.F will attempt to download additional components of the attackers choice. The pre-configured conditions include performing tests to determine if the current day is Friday or Sunday between the hours of 19:00 (7PM) and 22:00 (10PM) UTC time. When these conditions are met, the worm will attempt to retrieve further instructions that may include the downloading and execution a backdoor hacker program. Backdoors can allow someone with malicious intent to gain full control of the infected computer.
"The virus author(s) of Sobig have developed a predictable pattern of releasing new variants soon after the current version de-activates itself," said Steven Sundermeier, VP Products and Services at Central Command, Inc. "If the past repeats itself we could be looking at a newly constructed creation shortly after September 10th. A potential risk is that the massive army created by Worm/Sobig.F could be used to launch an all out attack on large Internet infrastructures, for example, by means of a Distributed Denial of Service attack (DDoS)."
Central Command's Emergency Virus Response Team (TM)
is monitoring all the potential uses for creating such a large arsenal of controlled systems and highly recommends developing safe computing practices when handling email attachments to prevent future widespread infections.
Source: Central Command
Aug. 21, 2003
|
|