Email filtering company MessageLabs, for instance, said it intercepted more than a million messages that carry the virus on Tuesday, while rival Postini trapped 2.6 million in 24 hours.
"This is the fastest (virus) that we have seen," said Scott Petry, vice president of products and engineering for Postini. He added that the company typically stops far fewer email messages that carry viruses -- about 500,000 -- on an average day.
Click here for information on how to prevent and remove the Sobig.F virus.
The computer virus clogged corporate email systems on Tuesday and Wednesday, as every message had to be digitally checked for the virus before being passed on to the recipient's computer. MessageLabs found that about one in every 17 messages contained the Sobig virus -- far more then the normal 1-in-275 ratio or 1-in-138 ratio that the previous top threat, Klez.H, had produced.
Sobig.F, like previous versions of the virus, uses an email address other than the victim's as the apparent source of email messages that it sends to spread itself. Many antivirus systems send an alert that notifies the apparent sender of viral email messages that they are infected, even when the malicious program is known to forge the source's email address. The result: more spam to clog the Internet's arteries.
"We chose to not respond to spam or viruses, because it can quickly turn into a denial of service attack," Petry said.
America Online also had to deal with an avalanche of email. On any given day, the consumer Internet service provider -- the world's largest -- normally receives about 11 million email messages carrying attachments that need to be checked. On Tuesday, the company took in about 31 million such messages, about 11.5 million of which carried the Sobig.F virus, according to an AOL representative.
The Sobig.F virus spreads by harvesting emails from Web pages and from the address book of an infected computer. It sends a copy of itself to the addresses in an email message with subject lines such as "Your Details," "Re: Approved," and "Thank you!" The virus also spreads by copying itself to shared network hard drives that are accessible to the infected computer.
The virus has caused headaches for administrators at the Massachusetts Institute of Technology, the US Department of Defense and many other companies. But the virus -- like the previous versions -- has an expiration date built in: This variant is set to stop spreading on 10 September.
But rather than comfort Internet service providers, that fact made administrators worried that the people who wrote the Sobig family of viruses were learning with each variant.
"The Sobig virus writer's use of an inbuilt expiry date indicates that he is committed to inventing new and improved versions," Mark Sunner, chief technology officer at MessageLabs, said in a statement. "Each variant released so far has exceeded the previous one in growth and impact during the critical initial window of vulnerability."
Talkback
Go to www.slqantivirus.all.at that website helped me so much because i have windows XP and i have been getting hit every were i go on the internet it gave me so much things for my computer for free!
www.slqantivirus.all.at
I found this closing statement the most revealing of the true nature of this problem, " Mark Sunner, chief technology officer at MessageLabs, said in a statement. "Each variant released so far has exceeded the previous one in growth and impact during the critical initial window of vulnerability." Anti-virus software in the norm is reactive, until the vendor companies know what they are looking for their software can not be programmed to detect the threat. At the risk of repeating myself in this "TalkBack" section we need to start adopting a response that does not need updating! If computer users were to prevent the introduction of new executable code to their PCs this threat would be significantly reduced and the subsequent increased email traffic would be negligible. Have a look at Reflex Disknet Pro www.reflex-magnetics.com/products/disknetpro/