Sobig is biggest virus of all

Lots of people saw lots of e-mails like this in their inbox

The Sobig Windows virus that overwhelmed e-mail inboxes around the world is one of the fastest growing viruses ever.

E-mail filtering firm MessageLabs said it had intercepted more than a million copies of Sobig F in 24 hours, more than for any other virus.

Net service giant AOL said it had stopped more than 23.2 million copies of the virus since it first appeared on 18 August.

Security experts said the virus seemed to be created by spammers to recruit innocent machines to act as untraceable relays for their unwanted messages.

Big hitter

Hundreds of thousands of home users and businesses have been hit by the F version of the Sobig virus over the past couple of days.

SOBIG SUBJECT LINES Re: details Re: approved Re: my details Re: Thankyou! Re: That movie Re: wicked screensaver Re: your application Your details Thankyou

At one point every one in 17 e-mails intercepted by security firm MessageLabs was infected with the Sobig F virus.

"That's just a number we've never seen before," said Brian Czarny, a spokesman for MessageLabs.

The only other e-mail virus to get close to these figures was the LoveBug which peaked at 1 in 28 messages in 2000.

The virus is contracted by opening the attachment it carries that is labelled to make people think it is an innocent screensaver or configuration file.

The virus tries to fool people into opening it by regularly changing its subject line and the name of the attachment.

Anyone receiving lots of copies of the virus will see an in-box filled with messages bearing very similar subject lines.

But what may have helped Sobig F spread is the fact that it can be hard for people to be sure they are infected.

The virus carries its own e-mail sending program and does not use Outlook to despatch infected mail.

Only those monitoring their net connection will notice an increase in traffic but net browsing could slow down for anyone unknowingly sending out lots of infected e-mail messages.

The Sobig F virus caused problems even for those that avoided infection.

SOBIG ATTACHMENTS your_document.pif details.pif details.pif your_details.pif thank_you.pif movie0045.pif document_Fall.pif application.pif document_9446.pif

The malicious program generated so many e-mail messages that it overwhelmed the inboxes of many people.

Many anti-virus firms have made free removal tools available that help rid an infected machine of the pernicious program.

Home users can avoid infection by updating their anti-virus software and by being suspicious of unexpected e-mail messages they get from people they do not know well.

As well as plundering Microsoft Outlook address books for new victims, Sobig F also attempts to implant a background program that turns infected machines into a relay for any messages sent by the virus's creator.

Mikko Hypponen, manager of anti-virus firm F-Secure, said Sobig F had been written by a spammer looking for ways to get past spam filters.

He said: "For once, we have a clear motive for a virus - money."

Sobig F is not the first time that a spammer has tried to spread a message in this way.

In June this year the AVF virus was found which also tried to turn infected machines into proxies for unwanted commercial mail messages or spam.

Security staff at many companies have had a busy 10 days as three viruses have hit within days of each other. Sobig F was preceded by the MSBlast worm and another program called Welchi that tried to fix the vulnerability used by the worm.