1 Whoever wrote SoBig is one skillful programmer. The virus spread by e-mail and dropped a piece of software -- called a proxy -- into all the machines it infected. That turned them into agents of the virus writer or others.2 After posting the virus on the Internet, the author tricked people into releasing it -- by getting them to click on attachments. The virus searched for e-mail addresses and then sent e-mail messages to the recipients, who couldn't tell who sent them.3 Those who got the e-mails and clicked on the attachment got infected, and in turn sent out more e-mails to others. The deluge clogged up networks and slowed computing, forcing people and companies to spend time and money fixing their machines.4 SoBig proxy software acted like sleeper cells in a terror network. Virus writers and spammers scanned the Internet for infected machines. They posted lists of these addresses on Web sites frequented by spammers and virus writers.5 Virus writers or spammers could then tap directly into those computers and use them to spread viruses or send out spam to an ever-widening universe of computer users. The end result: SoBig spread faster than any of its virus ancestors.
Data: Trend Micro Inc.