Jump to content

Viruses emanating from BBO users (edit ui)

bglover
 Share

Recommended Posts

bglover

bglover

Posted
Posted

I caught 2 viruses this week on my PC. Both were the Sober virus, and both emanated from BBO users.

 

The virus infects a user' address book and then generates emails to spread itself. Fortunately, I recognized both email addresses from which i received the bugs and informed both parties that I had gotten an infection from them.

 

However, it is clear that there is an infection being spread current either through BBO itself or (more likely) some people who have gotten on a mailing list, most likely members of a club. Since it has already replicated itself it is likely to be sent to anyone who has been on that club's mailing list at any point.

 

The Sober virus is nasty if you don't catch it in time. Already, one of the people had to reformat their hard drive to get rid of it.

 

Symantec's web site has a free program to clean it off your computer if you already have it. If you don't, make sure your anti virus software is up to date as it is clearly spreading.

 

I use Grisoft's free AVG software and it flagged both viruses (altho I had to scan out the second infection, it did kind of get through).

Link to comment
Share on other sites
fred

fred

Posted
Posted
I caught 2 viruses this week on my PC. Both were the Sober virus, and both emanated from BBO users.

 

The virus infects a user' address book and then generates emails to spread itself. Fortunately, I recognized both email addresses from which i received the bugs and informed both parties that I had gotten an infection from them.

 

However, it is clear that there is an infection being spread current either through BBO itself or (more likely) some people who have gotten on a mailing list, most likely members of a club. Since it has already replicated itself it is likely to be sent to anyone who has been on that club's mailing list at any point.

 

The Sober virus is nasty if you don't catch it in time. Already, one of the people had to reformat their hard drive to get rid of it.

 

Symantec's web site has a free program to clean it off your computer if you already have it. If you don't, make sure your anti virus software is up to date as it is clearly spreading.

 

I use Grisoft's free AVG software and it flagged both viruses (altho I had to scan out the second infection, it did kind of get through).

The process of using the BBO software for whatever

purpose does NOT increase your chances of getting

a virus. We are VERY careful about things like this

(we have to be - if we were responsible for spreading

a virus to many 1000s of people it would be the end

of the world as far as our business was concerned).

 

Fred Gitelman

Bridge Base Inc.

www.bridgebase.com

Link to comment
Share on other sites
bglover

bglover

Posted
  • Author
Posted

I certainly am sure it doesn't directly come out of your software. That's why I said it was more likely coming from a club. (The reason I said this was that I used to belong to a few clubs and the two I received were both members of one of those clubs).

 

Clearly, there is an infection on someone's mailing list tho. Since I wrote this morning I have received 2 more Sober virsuses (did not recognize the names however, but still suspect there is an address book of a BBO member out there generating it).

 

I would be surprised, of course, if it came out of BBO's mail list. As a software developer and provider they must be extra careful and guard against this.

 

I happen to know that one of the people who sent me the virus was not using anti virus software up until a week or so ago. Matter of fact I implored that person to download some. Obviously my plea fell on dear ears and the result was a reformatted hard disk-- something no one really wants.

Link to comment
Share on other sites
hrothgar

hrothgar

Posted
Posted

I happen to work at Symantec and have a more than passing familiarity with worms, viruses, and the like.

 

A complete description of Sober is available at:

http://securityresponse.symantec.com/avcen...sober.c@mm.html

 

However, the "important" thing to note is that Sober spreads via SMTP. Sober builds a Mail Transfer Agent on the infected system and uses this agent to transmit mail messages to addresses found within mailboxes on the infected system. Accordingly, Sober tends to spread based on a social networking model. In this case, an infected BBO member had sent or received an email from your address which lead your to be targetted.

 

The connection to Bridge Base Online as an institution is coincidental at best.

Link to comment
Share on other sites
fred

fred

Posted
Posted
I certainly am sure it doesn't directly come out of your software. That's why I said it was more likely coming from a club. (The reason I said this was that I used to belong to a few clubs and the two I received were both members of one of those clubs).

 

Clearly, there is an infection on someone's mailing list tho. Since I wrote this morning I have received 2 more Sober virsuses (did not recognize the names however, but still suspect there is an address book of a BBO member out there generating it).

 

I would be surprised, of course, if it came out of BBO's mail list. As a software developer and provider they must be extra careful and guard against this.

 

I happen to know that one of the people who sent me the virus was not using anti virus software up until a week or so ago. Matter of fact I implored that person to download some. Obviously my plea fell on dear ears and the result was a reformatted hard disk-- something no one really wants.

I did see your original statement that you thought it

was unlikely that BBO itself was responsible for the

spread of the virus. I appreciate that, but thought it

important to reassure our members that you were

in fact correct.

 

It is also worth mentioning that we do not maintain

e-mail lists of our members and whatever "address

books" we have are not within our e-mail software

itself (a slight inconvenience for us, but a good safety

play against passing on a virus or worm to our

members and customers).

 

Fred Gitelman

Bridge Base Inc.

www.bridgebase.com

Link to comment
Share on other sites
  • 6 years later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
 Share
Go to topic listing
×
×
  • Create New...