CERT has (ahem, finally) released a Sircam advisory this afternoon:
http://www.cert.org/advisories/CA-2001-22.html
Sircam is an amazingly noxious critter. I'll give you an example. At Wired
News, like other news organizations, we have feedback addresses so people
can send us thoughts on articles. Those have been the same for at least
three years, so they're well-known and available to programs like Sircam
that scan hard drives for e-mail addresses.
Since 1 am ET 24 Jul 2001, we've received about 150 MB of mail directed at
those addresses, the vast bulk of it Sircam output. A quick scroll through
the messages says about 90 percent of it by message and probably 99 percent
of it by size is due to Sircam.
Dave Farber wrote on his Interesting People list:
> The person/group who launched the SirCam virus should get the first
> Cyberspace death-- namely permanent banishment from any network access any
> place in the world. We yell endlessly about spam mail but one mess like
> this makes spam mail almost interesting.
Which I heartily endorse.
-Declan
[Declan appended Ted Bridis's *Wall Street Journal* item on 25 Jul 2001,
sent to him by Ted:
http://interactive.wsj.com/articles/SB99601609210000000.htm
The essence of that article is that the FBI's cyberprotection unit
accidently sent private FBI documents by e-mail outside of the FBI.
It appears that this was the result of the Sircam virus infecting
an FBI internal computer. PGN-ed] [Declan McCullagh via risks-digest Volume 21, Issue 55]
0:00
#
G!
