MANILA, August 23, 2003 (STAR) The National Computer Center (NCC) has released an advisory warning government agencies and the public at large about the spread of the W32/SOBIG virus.

The new computer virus, wreaking havoc around the world, spreads via the Internet as an attachment to infected electronic mails. It downloads and sets up a backdoor program.

SOBIG went live last January and released different variant from then on, the NCC said.

The latest variant, Sobig F, is now spreading rapidly. According to virus experts, the SOBIG virus has already reached a "high level" outbreak status. Like all the other SOBIG viruses, this version is programmed to self-destruct after two weeks.

The worm continues to spread aggressively through e-mail systems worldwide. It tricks e-mail recipients into opening infected attachments by pretending to originate from Microsoft or from Bill Gates by using the address

The file is actually an executable. When the attached file is opened, it copies itself into the Windows folder and adds registry values that will enable it to run on Windows startup. It can then download files into infected computers and run them.

The worm also mass-mails itself to e-mail addresses found in address books on the system and is difficult to root out because they spread via desktop personal computers with minimal security.

The e-mail can have one of several subject lines, such as "Approved," "Re: 45443-343556" or "Re: Application," while the body always reads: "Please see the attached file." The attachment is called "document.pif", "screensaver.scr" or another similar name, using a .pif, .txt or .scr extension.

In view of the adverse effects of the virus, the NCC advises all government agencies to protect all computers in their offices with anti-virus software together with updated virus information file. Removing all unnecessary/unneeded services in the operating system will also help prevent the spread of the virus.

The NCC also endorses the configuration of the e-mail server to automatically block e-mails with attachment extensions such as .vbs, .bat, .exe. .pif and .scr that are commonly associated in spreading a computer virus.

Moreover, each agency should educate all government computer users not to automatically open e-mail file attachment unless they are expecting to receive an attached file.

Albeit its self-destruct feature, the repercussion of its covert communication capabilities may still give rise to unspecified problems when the government’s computer infrastructure and security is internationally breached by foreign and undesirable entities for unknown intentions.

Thus, the NCC said all government agencies should implement network security and data recovery system to ensure the continuity of their computerization projects and security of network infrastructure.

Reported by: Sol Jose Vanzi

All rights reserved