The Sober. X computer worm that began flooding inboxes last month masquerading as a threatening e-mail from federal investigators made a...

Share story

WASHINGTON — The Sober.X computer worm that began flooding inboxes last month masquerading as a threatening e-mail from federal investigators made a resurgence this week, with security experts now calling it the most prolific e-mail worm ever unleashed.

The junk traffic generated by Sober has bogged down e-mail systems at some of the nation’s largest Internet service providers. For several days last week, subscribers of Microsoft’s Hotmail and MSN e-mail services experienced long delays in receiving new messages as the company struggled to filter out Sober-generated traffic.

E-mail security company Postini said it has quarantined more than 441 million Sober-infected messages since Nov. 22, twice as many messages as the largest previous attack on record, which was the Mydoom worm in January 2004.

The Sober worm’s spread peaked around Thanksgiving, then tapered off over the weekend, according to Andrew Lochart, Postini’s senior director of marketing. Early this week, however, it staged a comeback.

Most Read Stories

Unlimited Digital Access. $1 for 4 weeks.

The worm most often comes attached to an e-mail supposedly sent by the FBI or CIA, claiming that the government has discovered you visiting “illegal” Web sites and asking you to open an attachment to answer some official questions. Microsoft Windows users who click on the attached file infect their computers with the worm, which then e-mails copies of itself to every address found on the victim’s machine.

Sober lowers security settings on infected machines, but unlike most e-mail-borne viruses and worms, it does not carry an overtly malicious payload. Rather, research unveiled Wednesday suggests the worm may be laying the groundwork for a new attack early next year.