Romanian researchers claim to have discovered a variant of the Sobig.F virus that looks to mail and domain name servers at Time Warner Telecom for information about how to modify its behavior. The first Sobig.F virus contained an encrypted list of the IP addresses of 20 servers. At a predetermined time it would contact each server in turn until one responded with the URL of a file it would then attempt to download and execute. Last week, antivirus software developers and network operators raced to identify and shut down the 20 servers, before the machines could issue instructions to the virus. Now it seems the goalposts may have been moved, as a variant of the virus, containing a different list of servers to contact, is circulating. Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.