The sixth variation of the SoBig virus, SoBig.F, first appeared yesterday and has taken off like wildfire. It's looking like the worst one ever, with the virus writers clearly using the knowledge they have picked up from the previous five to create an even more damaging version.
The SoBig viruses have included different and more sophisticated elements along the way and this one is no exception. Addresses are spoofed, the infected files have more variations in names than previously, and the virus grabs random data to stick to itself so that its size varies each time and it can hence bypass some security systems.
It also appears to be testing a method of spreading through file-swapping networks. It grabs email addresses from the Windows address book and the computer's Internet cache and forwards itself on. Its email sending engine is improved as well, so now it can send out several emails at the same time. As with other variants, it has a built-in self-destruction date of 10 September, so we can expect more to come in future.
All this has meant that the spread of the worm has rocketed, with this reporter receiving dozens last night from the US, many of them from government and military systems. A sysadmin at the Employment Department in Washington confirmed that they were fighting a huge SoBig problem.
One theory is that the SoBig virus writers are using the virus to harvest email addresses for spammers. Another possibility is that they are trying to find holes in the US government's servers. The most worrying possibility though, which no one seems to be mentioning, is that they are gradually testing elements of a supervirus - and who knows what havoc that could cause.
The only thing we can be certain of is that a huge number of people across the world are stupid enough to open up these attachments and so aid its spread.
However, it seems more likely than ever that the virus itself starts in the US. With US Attorney General John Ashcroft starting a tour of the States in an attempt to justify the powers the government gave itself in the Patriot Act after the 2001 terrorist attacks, perhaps the FBI and Pentagon could do everyone a favour and use their power to track down the virus writers before the situation really gets out of hand.