On Tuesday, August 19, 2003, 5:18:59 PM, Cyberspace Publishing commented: CP> I've been getting bounces containing this WORM_SOBIG.F (that's CP> what Trend Micro's newest SIG named it) since early this morning. CP> Nearly 70 so far! Every single one of them come to me with one CP> of five unique addresses in the "From:" field of the bounced CP> message.
Me, too, and I have always thought that Sobig was a spammers tool. I don't think it is so much that Sobig harvests addresses from the web - it is that it harvests the addresses from cached files on the users machine. But Sobig also is a trojan that creates a backdoor that allows outsiders access to a machine; other than that, it does very little damage. So my opinion has been that Sobig is a way for spammers to create open doors through which they can relay through infected machines. So basically, your problem is that someone who recently visited the band members site is infected. -Abigail ____ � The WDVL Discussion List from WDVL.COM � ____ To Join wdvltalk, Send An Email To: mailto:[EMAIL PROTECTED] Send Your Posts To: [EMAIL PROTECTED] To set a personal password send an email to [EMAIL PROTECTED] with the words: "set WDVLTALK pw=yourpassword" in the body of the email. To change subscription settings to the wdvltalk digest version: http://wdvl.internet.com/WDVL/Forum/#sub ________________ http://www.wdvl.com _______________________ You are currently subscribed to wdvltalk as: [EMAIL PROTECTED] To unsubscribe send a blank email to [EMAIL PROTECTED]
