London, Aug 22 (Reuters): Computer security experts raced to beat the clock today as the super-potent SoBig e-mail virus threatened to unleash a crippling barrage of data across the Internet.
A frantic global hunt was under way from the US to South Korea to find and switch off 20 home computers with high-speed broadband connections that were due to be targeted by hundreds of thousands of computers infected by Sobig.F at 1900 GMT. Security experts discovered only late yesterday that the SoBig virus, which has sown panic since Monday by infecting Windows systems and using them to send junk mail, was harbouring a sinister secret.
Hidden within the virus is an instruction to the infected machines to make contact at 1900 GMT with the 20 computers, which host an unidentified programme. “The problem is we don’t know what that programme is. It could mean a smiley face dances across your screen or it could be something massive,” said Carole Theriault, anti-virus consultant at Sophos Anti-Virus. “It’s still under the control of the virus writer.”
Even if the mystery programme is a harmless gag, the sheer volume of Internet data converging on the 20 computer targets could slow the Internet to a crawl.
The time trigger is set to be activated again at the same time on Sunday.
The search for the owners of the 20 machines — to get them to disconnect before the deadline — has had some success. “We’ve taken more than half offline,” said Mikko Hypponen, anti-virus research manager at Finland’s F-Secure. “But if one is left standing, there will be an attack.”
Security officials have advised computer users who suspect they have the virus to download one of the many patches being distributed by anti-virus vendors.