Tech Time Warp: The Mass-Emailing Malware You Almost Forgot About

Posted by Lauren Beliveau on Aug 19, 2016 12:00:00 PM

In this Tech Time Warp we reminisce about the detrimental malware Sobig.F, which was first detected on Aug. 18, 2003. Although this malware was detected 13 years ago, to this day many think it was one of the most destructive worms to ever hit inboxes.

If a user opened an email infected with Sobig.F, the worm then sent itself to their entire contact list, leaving all those recipients vulnerable to spreading the attack as well. The Sobig.F worm is said to have hit thousands of computers per hour. To put this in perspective, one out of every 17 computers was infected, resulting in more than 37.1 billion dollars in damage.

The emails that Sobig.F sent used subject lines like RE: Approved, RE: Your Details Attached, and many more that led users to believe the message was coming from an authentic source. The trickiest part was that the malware changed subject lines and even attachment names to confuse users and avoid detection.

An unsolved malware mystery

Sobig.F self-detonated on Sept. 10, 2003, under the premise that a new, more dangerous Sobig variation would soon follow. While Sobig.G never ended up making an appearance in inboxes, users were soon plagued with a new worm called Mydoom, which quickly surpassed Sobig.F in its rapid deployment in January 2004. Like Sobig.F, Mydoom swapped out subject lines, including “Error,” “Test,” or even “Mail Transaction Failed,” prompting users to open the email. As soon as the message was clicked on, it started transmitting itself to the user’s contacts, spreading quickly and causing an estimated 38 billion dollars in damages.

To this day, we’re unsure who created Sobig.F, and we hope that it doesn’t find its way back into SMBs’ inboxes!


