Slashdot Mirror


So, Who Wrote Sobig?

An anonymous reader writes "F-Secure's Virus Blog posted links to a 48-page technical study on who wrote the infamous Sobig worm which went around the world last year. The study is done by anonymous authors. The study concludes that the author of this worm is a Russian programmer and goes out all the way to name him. This file has now been posted publicly but on Geocities and Tripod. So you can have a look by yourself and make your own conclusions."

3 of 187 comments

  1. Re:Kasperski by gmuslera · · Score: 4, Insightful
    The old myth that says that the antivirus makers are the ones that are developing viruses? I have used AVP/KAV for a decade, first in DOS and now in Linux, and it is one of the best (if not THE best) available antivirus on the market.

    I even know someone that programmed a test virus a long time ago, and sent it to antivirus publishers to see how well it could be detected, and the response from the community of that time, especially the people from Kaspersky, was very against that kind of "tests", so what you are telling there is very improbable (and that includes too most of the other biggest players 10 years ago if the same is said about e.g. F-Prot or McAfee people).

    At least without hard proof (not just speculation or just urban myths) I would give that notice the same weight as that Bill Gates is sending big bucks to anyone that continues a chain letter.

  2. Re:Circumstantial evidence. by analog_line · · Score: 4, Insightful

    Well, you obviously didn't glance through all of the points, as you neglect to mention the opcode similarities, timeline of significant releases of both pieces of software and the activities of groups known to use Send Safe, and SoBig.

    Not to mention the exhaustive opcode comparison diagram at the end of the document.

    Circumstantial evidence, it may be, but that doesn't mean it's not valid. And what is forensics aside from a circumstantial investigation? Getting as many facts as you are able to directly observe in order to come to a logical conclusion about a question you can't directly observe the solution to.

  3. Not saints, but not devils by phorm · · Score: 4, Insightful

    While many of the Linux community aren't saints, the attitude-in-general towards viruses and their makers is negative. You're not going to get a pat-on-the-back from the community for creating an anti-Windows virus, you're going to get a kick-in-the-ass for dampening the reputation of the community. Furthermore, if a bounty comes up for the virus it's likely somebody will turn you over if possible.

    MS would love to be able to state that Linux programmers are behind virus attacks on Windows, and most are smart enough to realize that.

    We don't love Windows, but we're smart enough not to dirty our hands with viruses, partly because we hate viruses more than we'll ever hate Windows (viruses/etc. being in fact one of the reasons for disliking Windows).