1 Whoever wrote SoBig is one skillful programmer. The virus spread by e-mail and dropped a piece of software -- called a proxy -- into all the machines it infected. That turned them into agents of the virus writer or others.
2 After posting the virus on the Internet, the author tricked people into releasing it -- by getting them to click on attachments. The virus searched for e-mail addresses and then sent e-mail messages to the recipients, who couldn't tell who sent them.
3 Those who got the e-mails and clicked on the attachment got infected, and in turn sent out more e-mails to others. The deluge clogged up networks and slowed computing, forcing people and companies to spend time and money fixing their machines.
4 SoBig proxy software acted like sleeper cells in a terror network. Virus writers and spammers scanned the Internet for infected machines. They posted lists of these addresses on Web sites frequented by spammers and virus writers.
5 Virus writers or spammers could then tap directly into those computers and use them to spread viruses or send out spam to an ever-widening universe of computer users. The end result: SoBig spread faster than any of its virus ancestors.
Data: Trend Micro Inc.