Sobig Worm Variant Takes Off

Sobig.E arrives as an e-mail with subject lines such as "re: application" or "re: movie," with a .zip file attachment. When the attachment is executed, the worm spreads itself to e-mail addresses on the victim's system.

While not destructive, Sobig.E can clog networks with floods of e-mail, according to Guardent, a security-services firm. The worm only infects Windows operating systems.

Sobig.E was spreading Wednesday at a faster rate than its predecessor, Sobig.D, according to iDefense, a security intelligence firm. Most reports of the worm are from the United States, the United Kingdom and the Netherlands, the firm said.

More copies of Sobig.E are making it to the client level because .zip files "are commonly allowed through gateway filers where other file types are blocked," said Ken Dunham, iDefense senior intelligence analyst, in a prepared statement.

The worm is designed to deactivate on July 14.