FACTOID # 125: India’s criminal courts acquitted over a million defendants in 1999, more than the next 48 surveyed countries combined.
 
 Home   Encyclopedia   Statistics   Countries A-Z   Flags   Maps   Education   Forum   FAQ   About 
 
WHAT'S NEW
RECENT ARTICLES
More Recent Articles »
 

FACTS & STATISTICS    Simple view

  1. Select countries to view: (hold down Control key and click to select several)

     

     

    Compare:

     

     
  1. Select fact or statistic: (* = graphable)

     

     

     

  2. (OPTIONAL) Compare to statistic: (both need to be graphable)

     

     

     

  3. View result as:

     

       
(OR) SEARCH ALL encyclopedia, stats & forums:   

Encyclopedia > Sobig worm

The Sobig Worm was a computer worm that infected millions of Internet-connected, Microsoft Windows computers in August 2003. A computer worm is a self-replicating computer program, similar to a ... // Microsoft Windows is a range of operating environments for personal computers and servers. ... 2003 is a common year starting on Wednesday of the Gregorian calendar. ...


Although there were indications that tests of the worm were carried out as early as August 2002, Sobig.A was first found in the wild in January 2003. Sobig.B was released on May 2003. It was first called Palyh, but was later renamed to Sobig.B after anti-virus experts discovered it was a new generation of Sobig. Sobig.C was released May 31 and fixed the timing bug in Sobig.B. Sobig.D came a couple of weeks later followed by Sobig.E in June 25. On August 19, Sobig.F became known and set a record in sheer volume of e-mails. 2002 is a common year starting on Tuesday of the Gregorian calendar. ... 2003 is a common year starting on Wednesday of the Gregorian calendar. ... May 31 is the 151st day of the year in the Gregorian calendar (152nd in leap years), with 214 days remaining, as the last day of May. ... June 25 is the 176th day of the year (177th in leap years) in the Gregorian Calendar, with 189 days remaining. ... August 19 is the 231st day of the year (232nd in leap years) in the Gregorian Calendar. ...


The worm was most widespread in its "Sobig.F" variant.


Sobig is a computer worm in the sense that it replicates by itself, but also a Trojan horse in that it masquerades as something other than malware. The Sobig worm will appear as an electronic mail with one of the following subjects: A computer worm is a self-replicating computer program, similar to a ... In the context of computer software, a Trojan horse is a malicious program that is disguised as legitimate software. ... Malware (a portmanteau of malicious software) is any software program developed for the purpose of causing harm to a computer system, similar to a virus or trojan horse. ... Electronic mail, abbreviated e-mail or email, is a method of composing, sending, and receiving messages over electronic communication systems. ...

  • Re: Approved
  • Re: Details
  • Re: Re: My details
  • Re: Thank you!
  • Re: That movie
  • Re: Wicked screensaver
  • Re: Your application
  • Thank you!
  • Your details

It will contain the text: "See the attached file for details" or "Please see the attached file for details." It also contains an attachment by one of the following names:

  • application.pif
  • details.pif
  • document_9446.pif
  • document_all.pif
  • movie0045.pif
  • thank_you.pif
  • your_details.pif
  • your_document.pif
  • wicked_scr.scr

Technical Details

The Sobig viruses infect a host computer by way of the above mentioned attachment. When this is started they will replicate by using their own SMTP agent engine. Email addresses that will be targeted by the virus is gathered from files on the host computer. The file extensions that will be searched for email addresses are: Simple Mail Transfer Protocol (SMTP) is the de facto standard for email transmission across the Internet. ... A filename extension or filename suffix is an extra set of (usually) alphanumeric characters that is appended to the end of a filename to allow computer users (as well as various pieces of software on the computer system) to quickly determine the type of data stored in the file. ...

  • .dbx
  • .eml
  • .hlp
  • .htm
  • .html
  • .mht
  • .wab
  • .txt

The Sobig.F variant was programmed to contact 20 IP addresses on UDP port 8998 on August 26, 2003 to install some program or update itself. It is unclear what this program was, but earlier versions of the virus had installed the Wingate proxy server software, a backdoor often used by spammers to distribute unsolicited email. The Internet Protocol (IP) is a data-oriented protocol used by source and destination hosts for communicating data across a packet-switched internetwork. ... The User Datagram Protocol (UDP) is one of the core protocols of the Internet protocol suite. ... August 26 is the 238th day of the year in the Gregorian Calendar (239th in leap years). ... 2003 is a common year starting on Wednesday of the Gregorian calendar. ... Wingate is a proxy server and network address translator for Microsoft Windows. ... A proxy server is a computer network service which allows clients to make indirect network connections to other network services. ... A backdoor in a computer system (or a cryptosystem, or even in an algorithm) is a method of bypassing normal authentication or obtaining remote access to a computer, while intended to remain hidden to casual inspection. ... A KMail folder full of spam emails collected over a few days. ...


The Sobig worm was written using the Microsoft Visual C++ compiler, and subsequently compressed using a data compression program called tElock.


The Sobig.F worm deactivated itself on September 10, 2003. On November 5 the same year, Microsoft announced that they will pay $250.000 for information leading to the arrest of the creator of the Sobig worm. September 10 is the 253rd day of the year (254th in leap years). ... November 5 is the 309th day of the year (310th in leap years) in the Gregorian Calendar, with 56 days remaining. ... Microsoft Corporation, (NASDAQ: MSFT) headquartered in Redmond, Washington, USA, was founded in 1975 by Bill Gates and Paul Allen. ...


See Also

This is a list of noteworthy computer viruses and worms. ...

External links


  Results from FactBites:
 
PCWorld.com - Sobig Worm Getting Even Bigger (777 words)
Sobig is a worm that uses e-mail and shared network folders to infect machines running Microsoft's Windows operating system, according to information posted on the Web site of Helsinki antivirus company F-Secure.
As of Tuesday, F-Secure gave the worm a Level 2 ranking, indicating that it is "causing large infections" and putting it in a category with well-known predecessors such as the Klez worm.
For example, Sobig always arrives in e-mail messages from the same sender, big@boss.com, unlike recent successful worms such as Bugbear or Lirva, which generated their own sender addresses, swapped in trusted sender addresses from sources such as antivirus vendors, or selected them at random from a long list.
  More results at FactBites »


 

COMMENTARY     


Share your thoughts, questions and commentary here
Your name
Your comments
Please enter the 5-letter protection code

Want to know more?
Search encyclopedia, statistics and forums:
 


Lesson Plans | Student Area | Student FAQ | Reviews | Press Releases |  Feeds | Contact
The Wikipedia article included on this page is licensed under the GFDL.
Images may be subject to relevant owners' copyright.
All other elements are (c) copyright NationMaster.com 2003-5. All Rights Reserved.
Usage implies agreement with terms.