|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Don't beat me, but i've noticed a huge influx of these .pif virii today.
In message <[email protected]>, Drew We aver writes: > Don't kill me for posting this, it may be slightly off topic but >I have noticed a very odd spike in traffic with these virii that have .pifs >attached to them. > >The subject is random. > >The body always says: > >"See attached file for details" and they're always a pif file. > >Anyone else notice this? Please don't post in html. Anyway -- it's the sobig.f virus. According to http://securityresponse.symantec.com/avcenter/venc/data/[email protected] it scans a variety of file types on the infected machine to find email addresses to abuse. It's not always a .pif file; sometimes, it's a .scr file. --Steve Bellovin, http://www.research.att.com/~smb
|