SoBig Claims More Victims

NEW YORK, NY – Almost a full year after the SoBig virus first attacked worldwide Internet users, it continues to haunt hard drives everywhere, according to email security maker MessageLabs.

Known as the fastest-spreading virus in Internet history, with a mere 12.8 million hits recorded in August alone, the virus is alive and well two months after its self-imposed shutdown or termination date.

MessageLabs put out a warning Monday that SoBig is still out to destroy, and while it is considerably less virulent than earlier this year, it was considered the third most active virus in the month of November and chalked up 264,000 attacks detected by email virus scanners.

SoBig made its debut in January 2003 as the first member of the virus' family. Five SoBig variants later, the SoBig.F variant appeared in August of this year and at its peak was found in 1 out of every 17 emails worldwide.

According to MessageLabs, the SoBig.F variant was "the most sophisticated and prolific to date."

MessageLabs first detected the Sobig.F virus on Aug. 18 after snagging more than one million copies within the first 24 hours on behalf of its customers. Between Aug. 18 and the end of the month, MessageLabs claims to have intercepted a record 12.8 million emails containing the virus.

Security experts agree that the very process through which the virus was designed to propagate might have also been its reason for a longer-than-average life span.

According to CNET, the virus is still in existence partly because many PCs are set to the wrong date. Another reason is wedded to the very nature of the virus, which goes through a process after being successfully downloaded onto a computer system to link to other servers and continue the spread of the virus.

But in some cases those downloads may have failed because servers were taken offline, hence the virus is still out there trying to do what it was written to do: wreak havoc. Ironically, its life has become prolonged because of widespread efforts to stop it.

"Some experts believe this downloaded code could have precipitated a massive denial-of-service attack, but this was foiled because the compromised servers were taken offline in time," stated CNET's Graeme Wearden.

"Because of the built-in shutoff mechanism, a PC receiving a copy of SoBig today should not try to forward it on," CNET continued. "But another factor behind SoBig's longevity could be that some PCs are set to the incorrect date. While networked PCs will typically take their date and time from a central server, home PCs are reliant on their internal clock and the small battery that powers it."

According to MessageLabs, when a battery runs down and isn't replaced, a computer will not know the correct date or time. Many PCs out there that are connected to the Internet haven't switched their virus activity off and because of that they continue to help spawn SoBig.F.

"SoBig.F may have failed in its ultimate business objective, to create a network of spam sending machines, but the people behind these combined threats are using lessons learned from each attack to perfect their strategies," said Mark Sunner, chief techonlogy officer for MessageLabs. "Attacks will continue until they prove successful. There are hundreds of virus writers and spammers operating beyond the law and perhaps out of reach of the law, but fortunately it is not out of the reach of businesses to stop these attacks."

And while SoBig.F continues to propogate, so does a $250,00 bounty on the virus writer's head, as pledged by Microsoft chief Bill Gates in November as part of a joint effort with the FBI and various government agencies active in the fight against computer viruses. So far, the computer giant has not announced any progress in its hunt for the viruses maker. The maker of the MSBlaster worm is also being hunted down by task forces and is part of an overall $5 million pledge by Gates to find and convict virus writers.

Copyright © 2026 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More News

AdultHTML Launches 'Dedicated AI-First' Solution

AdultHTML has launched its Dedicated AI-First developer solution.

Texas Court Orders Adult Site Domain Locked for AV Violations

A district court in Texas has issued a writ requiring domain registry Verisign to “lock” an adult website’s domain over noncompliance with the state’s age verification law.

Adult Web Hosting Service 'QloudHost' Launches

QloudHost, a new web hosting service for adult websites, has launched.

Peter Hooke Launches New Paysite

Peter Hooke has launched an official website through PAYSITE.

Pineapple Support Names Ny Ny Lew as Brand Ambassador

Pineapple Support has named Ny Ny Lew as its newest brand ambassador.

Federal AV Proposal Passes House, Faces Senate Opposition

The U.S. House of Representatives on Monday passed the Kids Internet and Digital Safety (KIDS) Act, which includes provisions to make age verification by adult websites federal law, but the bill still faces tough going in the Senate.

Devin Drills Launches New Paysite

Creator Devin Drills has launched an official website through PAYSITE.

AV Bulletin: Midyear Roundup

Since the U.S. Supreme Court’s decision in Free Speech Coalition v. Paxton, more state age verification laws have been enacted around the United States, as well as proposed at the federal level and in other countries. Meanwhile, lawsuits resulting from AV laws have begun to play out in the courts. This roundup provides an update on the latest news and developments on the age verification front as it impacts the adult industry.

Judge Dismisses Last NCOSE-Backed Suit Over Kansas AV Law

A federal judge on Monday dismissed a lawsuit alleging that adult site SuperPorn violated Kansas’ age verification law, citing lack of jurisdiction after similarly dismissing two related cases earlier this year.

ASACP Updates 'Restricted to Adults' Labeling Resource Page

The Association of Sites Advocating Child Protection (ASACP) has updated its Restricted to Adults (RTA) labeling resource page.

Show More