The Sober. X computer worm that began flooding inboxes last month masquerading as a threatening e-mail from federal investigators made a...
WASHINGTON — The Sober.X computer worm that began flooding inboxes last month masquerading as a threatening e-mail from federal investigators made a resurgence this week, with security experts now calling it the most prolific e-mail worm ever unleashed.
The junk traffic generated by Sober has bogged down e-mail systems at some of the nation’s largest Internet service providers. For several days last week, subscribers of Microsoft’s Hotmail and MSN e-mail services experienced long delays in receiving new messages as the company struggled to filter out Sober-generated traffic.
E-mail security company Postini said it has quarantined more than 441 million Sober-infected messages since Nov. 22, twice as many messages as the largest previous attack on record, which was the Mydoom worm in January 2004.
The Sober worm’s spread peaked around Thanksgiving, then tapered off over the weekend, according to Andrew Lochart, Postini’s senior director of marketing. Early this week, however, it staged a comeback.
Most Read Stories
- This season, Seahawks have crossed the line from brash to just plain unlikable | Matt Calkins
- Christopher Monfort, killer of Seattle police officer, found dead in prison cell
- How Seattle Mayor Murray’s plan to help homeless living in RVs unraveled VIEW
- Why are home prices so high? Seattle has 2nd-lowest rate of homes for sale in U.S.
- UW star quarterback Jake Browning has surgery on throwing shoulder
The worm most often comes attached to an e-mail supposedly sent by the FBI or CIA, claiming that the government has discovered you visiting “illegal” Web sites and asking you to open an attachment to answer some official questions. Microsoft Windows users who click on the attached file infect their computers with the worm, which then e-mails copies of itself to every address found on the victim’s machine.
Sober lowers security settings on infected machines, but unlike most e-mail-borne viruses and worms, it does not carry an overtly malicious payload. Rather, research unveiled Wednesday suggests the worm may be laying the groundwork for a new attack early next year.