Virus warning: Return of Sobig is so bad for spam

A new variant of the Sobig virus has started spreading worldwide, raising fears that spammers will have a host of new PCs to use as platforms for sending bulk email.

Initial analysis by antivirus companies indicated that the mass-mailing computer worm, called Sobig.E, doesn't have a malicious payload. However, MessageLabs believes spammers will use the virus's mail program on victims' computers to send anonymous messages.

Mark Sunner, chief technology officer for MessageLabs, said: "This is almost certainly being precipitated by a spammer that is trying to create more open relays to send spam."

An open relay is a computer that accepts email bound for other destinations and then resends the messages anonymously. Using open relays allows spammers to hide the location from which they are sending bulk email and avoid detection and prosecution.

While there is no concrete proof that Sobig.E has been created and released by a spammer, Sunner said many bulk emailers are already using computers infected with a previous variant of the computer virus to avoid leaving traces. Moreover, the fact that Sobig.E has an expiration date - it will stop spreading on July 14 - suggests that the creator doesn't want its infection to turn into a full-blown epidemic, he said.

In reality, the program is spreading quite successfully as a Zip-compressed email attachment. Copies of the worm have been seen in 16 countries - including the US, the UK and the Netherlands - according to MessageLabs. By 08:30(BST) MessageLabs had intercepted around 20,000 instances of the virus and have given it the highest risk assessment rating.

The virus appears in a recipient's inbox with the subject line "Re: Movie" or "Re: Application." The body of the message states, "Please see the attached zip file for details." The malicious program is contained in an 80KB attachment to the message. It infects any PC running a Microsoft Windows operating system when the attachment is opened.

To prevent infecting their computer, email users shouldn't open attachments, even from people known to them, unless they specifically asked for the file first.

Robert Lemos writes for News.com