- Alert caused by Sobig.F, Blaster and Nachi.A:
Internet is suffering the largest worldwide virus attack ever -
Virus Alerts, by Panda Software (
http://www.pandasoftware.com)
Madrid, August 21, 2003 - Internet is suffering the largest worldwide virus attack ever. The almost simultaneous appearance of the worms Blaster -and its variants-, Nachi.A and Sobig.F are threatening all types of users, from home users to corporate networks of all topologies.
Sobig.F has become the virus that has spread the widest in the shortest time in the history of computer viruses. However, up until now, despite its incredible rate of proliferation, this malicious code has caused fewer incidents than expected. This could be due to the fact that it is being spammed from infected computers and as a result, the probability of a computer being hit by this worm is extremely high. Furthermore, Sobig.F is converting the computers it infects into spam generators, collapsing networks in a matter of minutes.
The incredible proliferation rate of Sobig.F is also affecting large institutions and corporations. According to an article published by ZDNET
http://news.zdnet.co.uk/business/0,39020645,39115845,00.htm, in just one day the Internet service provider AOL (America Online) has received 11.5 million mail messages infected by this virus. This article also highlights that Sobig.F is affecting institutions and corporations like the Massachusetts Institute of Technology and the U.S. Department of Defense.
Similarly, the Milwaukee Journal Sentinel
http://www.jsonline.com/bym/tech/news/aug03/163652.asp has reported that CSX, the biggest railroad company in the USA, has had to suspend its services in the metropolitan Washington D.C area due to the activity of a computer virus.
The activity of Sobig.F is expect to increase when companies recover normal working activity, due to the large number of infected messages that have been accumulating in the mailboxes of web servers over the last few days.
At the same time, Blaster and its variants, and the Nachi.A worm are busy attacking home users through the RPC DCOM vulnerability in the Windows operating system. According to data collected by Panda Software's international technical support services, an extremely large number of computers have been infected by these worms around the globe.
However, not only home users are vulnerable to attack from Blaster and Nachi.A, but also corporate users. In fact, as a result of Nachi.A, the airline Air Canada has had to delay or even cancel flights, according to a report published by CNN
http://www.cnn.com/2003/TECH/internet/08/20/aircanada.virus.reut/index.html.Luis Corrons, heads of Panda Software's Virus Lab believes that: "The appearance of these malicious codes within such a short space of time has significantly increased the probability of a computer being hit. The only way to combat them is by using updated antivirus programs and firewalls; if users are aware of this, the threat will slowly start receding."
In order to avoid falling victim these malicious code, Panda Software reminds users to treat all e-mails received with caution and update their antivirus solutions immediately. The multinational antivirus manufacturer has already released the updates, which ensure their antivirus solutions detect all of these viruses. Therefore, if your software is not configured to update automatically, you can update it from the company's website at
http://www.pandasoftware.com/.Similarly, Panda Software offers all users its free PQREMOVE utilities, designed to clean and restore computers affected by dangerous malicious code like Sobig.F or Blaster. These tools can be downloaded from,
http://www.pandasoftware.com/downloads/utilities/.Detailed information about Sobig.F, Blaster and Nachi.A and other malicious code is available from Panda Software's Virus Encyclopedia at:
http://www.pandasoftware.com/virus_info/encyclopedia/NOTE: The addresses above may not show up on your screen as single lines. This would prevent you from using the links to access the web pages. If this happens, just use the 'cut' and 'paste' options to join the pieces of the URL.
--
Forwarded email alert posted in full as a public service.