----- Original Message -----
From: "Jonas Petersson" <zap@xms.se>
To: <keitai-l@appelsiini.net>
Sent: Monday, August 25, 2003 22:55
Subject: (keitai-l) Re: w32.sobig
<snip>
> > Wouldn't we all get the messages, or does SoBig is send messages only
> > to some addresses it finds on the host system's hard drive?
>
> I haven't dissected it myself (I don't use Windows in my work so I'm not
> really bothered), but I would assume that in order to stay off the radar
> it can't really send to EVERYONE continously (it's a 100KB message), but
> just picks a few at a time from the inbox so if you haven't posted
> recently you may be lucky...
>
> / Jonas
On a tangent, I checked my yahoo e-mail account yesterday after not doing so
for about a month. I was at 117% of my 6 MB limit. This hadn't happened
before. I just maintain the account. Mostly SPAM goes there now. Anyway, I
began deleting messages, and I found that the source of much of the extra 5
MB were various messages all having a 100KB attachment. I was tempted to
look inside to see if it was SoBig, but I decided to leave it alone.
Since the attachments were all 100KB, I guess I did receive dozens of the
SoBig worms/viruses, though not from this list. I'm glad I stopped Outlook
Express from checking yahoo months ago (due to SPAM).
Greg Conquest
Received on Tue Aug 26 04:59:11 2003