August 25, 2003

Busy weekend

Everything at the office is back to normal now. The worm has been stamped out and we’re back online. But Sobig is as big as ever. Usually when a virus outbreak hits, I’ll see three or four copies of it pass across my inbox. This morning when I came in, I found 344 copies of Sobig sitting in my junk mail folder! That might be a little disproportionate to what most people are seeing, since they were all addressed to the webmaster address at my company’s website. But still. No wonder they’re calling this the most prolific worm ever.

The strange thing, though, is that none of them had the actual virus attachment on them. So they’re all harmless, and I didn’t have to worry about my anti-virus software popping up three hundred warning messages. I’m not sure where the attachment got stripped out, though. We have our own Exchange Server running here, and mail comes directly into it. I sure haven’t applied any kind of filters lately. It might be our ISP or someone above them stripping it out, but how does that work if there aren’t any other mail servers it passes through?

