The fast-spreading Sobig.F email virus is slowing after failing to bog down the internet, but security experts issued fresh warnings to computer users yesterday to brace for a possible new wave.
Sobig.F, which emerged last Monday, was programmed by an unknown creator to unleash a data attack at 3 p.m. yesterday. But with the trigger - a computer program unwittingly installed on 20 poorly defended computers mostly in the US and Canada - deactivated on Friday, the attempt was a non-event.
"We should all be OK," said Mr Graham Cluley, senior technology consultant at British-based Sophos Anti-Virus. An automated barrage planned for Friday was averted after government and security industry experts defused the digital trigger that could have taken control of more than 100,000 infected computers and possibly crippled the internet.
Last week millions of computer systems across the globe were affected by the virus, which caused some Irish universities to shut off key computer systems.
The number of infected computers worldwide fell dramatically from Saturday to Sunday, declining by one-third in the 24-hour period to 98,205 from 145,264, according to a virus map from anti-virus software maker Trend Micro.
North America had the highest number of zombie computers at 68,911, a one-day drop of 22 per cent. Meanwhile, infected computers in Europe declined by 51 per cent to 26,727 machines. But from a smaller base, infections in Asia jumped 41 per cent to 8,258, according to Tokyo-based Trend Micro's site.
"Now, it's a case of a big clean-up and learning a lesson for the next time there's an email worm," Mr Cluley said.
The next time could be in weeks. Sobig.F is the sixth version of a virus that first appeared in January. Each one has been stronger than the previous, security officials said. Sobig.F is programmed to expire on September 10th. "We would expect to see the next one some time after September 10th, not necessarily on September 11th, but within the ensuing weeks," Mr Cluley said.
The virus spreads when unsuspecting computer users open file attachments in emails with headings like "Thank You!", and "Re: Details". Once the file is opened, Sobig.F resends itself to addresses from the infected computer.- (Reuters)