The Origin Of Sobig (And Its Next Phase)
MrZeebo writes "According to this story at Canada.com, the FBI, along with other authorities, has traced the origin of the Sobig worm. The quick timeline: Apparently, an earlier version of the worm installed a backdoor on a home computer in British Columbia. The creator of the worm used this compromised computer to create a Usenet account with Easynews.com in Phoenix, using a stolen credit card. The worm spread from Usenet, and contained the IP addresses of 20 computers to contact on Friday, and to download an unknown program from those computers. Officials were able to take 19 of these computers offline before the mass-download. However, the 20th computer stayed online, and many copies of the worm were able to get the rogue program. Those that did were merely redirected to a porn site, no damage done. However, now infected computers will continue to try and connect to the other 19 every Friday and Sunday until the worm expires on Sept. 10th." Reader muldoonaz points out this brief Reuters story about the investigation, too.
Am I the only one who's a little bummed that this virus may have been stopped dead in its tracks here? I mean, my inbox got slammed with crap just like everyone else's, but because nearly all of my systems are running relatively secure operating systems, I just kinda chuckle each time another dozen messages shows up automatically routed to my "Junk/virii" folder.
It is pure, gleeful schadenfreude for me to think of all the hapless PHBs and MSCSE CIOs who are finally being given a little hint as to just how vulnerable they've left their companies. In the short term yes, many people will be inconvenienced and possibly some critical systems knocked out. But these hapless companies and also the public sector will eventually be forced to learn, and that's ultimately a good thing for all of us.
Blame the crooks! Sure, they hold some of the blame, but both builders KNEW the crooks were out there.
Some of the blame? IMO, the virii writers should shoulder most of the blame.
One of the problems with America is nobody takes responsibility for their own actions these days. It's really very sad.
"Ultimately, could Microsoft be blamed for these viruses? After all, if they didn't miss these bugs..."
You do realize that the people who program for Microsoft are normal everyday mistake making humans, right? You also realize that somebody spent a great deal of time trying to find that exploit, right?
MS could be held responsible, but what would that really accomplish? MS can run around trying to do everything it can to make itself 'exploit-free', and somebody'll find a way to be obnoxious anyway. Chain letters come to mind. Socially engineered obnoxiousness.
Here's the problem, though. The same types of humans that write MS code also write Linux code. If a worm hits Windows and causes damage, and MS gets penalized for it, that sounds all great and cool and stuff because everybody hates Microsoft. Now, treating everybody fair and equal here, what happens when a defect in Linux allows for a worm to be just as mischievous? Worse, Linux is more commonly used in life or death situations, as opposed to a desktop intended to entertain. Tons of money could be on the line here. How would Linux be penalized? Given its decentralized nature, that could be unenforceable. However, if it was enforced, the community would have a nasty problem on their hands. If not, then the corps that use these OS's would be wondering if it's more valuable to have somebody accountable for the code they write. Boom, back to MS.
Think about what I've said. That's a can of worms you don't want to have opened.
"Derp de derp."