[GLLUG] SoBig.F Spam
Chick Tower
c.tower at express56.com
Wed Aug 27 00:58:38 EDT 2003
I started getting SoBig spam messages on Sunday at this e-mail
address, which I hardly ever use, and I wondered how that could be.
It not only spams addresses in the address lists of infected PCs, it
spoofs at least some of those addresses in messages sent to other
people, so I've been getting automated messages from mail systems
saying my messages couldn't or wouldn't be delivered. Today I
received some SoBig-generated messages purportedly from two posters
on this mailing list. I suspect that this mailing list has somehow
been compromised, obviously by a computer running Windows. Could
that be the mail server for this mailing list? It might be that
someone receives this mailing list on a Windows PC and, when they
reply to someone who posted a message, the address is automatically
saved in their address book. That sounds like something Outlook
would volunteer to do for users.
I'm not trying to determine or assign blame, and it's too late to do
anything about it for this version of the worm, but it would be nice
if it doesn't happen when SoBig.G comes out. That's especially true
for those of us using dial-up access, because each SoBig message has
an attachment that's about 75KB in size. What really annoys me is
that I had been using a Linux-only PC for about the previous three
weeks, but a Windows worm can still screw with me.
Chick
More information about the linux-user
mailing list