Posted: 27th Jan, 2004 By: MarkJ
Some of you may awake this morning to find your inboxes all but flooded with e-mails linked to the latest e-mail worm, MyDoom. The worm is already on track to be one of the most prevalent so far:
Central Command warns all Internet users of a new computer worm named Worm/MyDoom
Central Command, a leading provider of PC anti-virus software and computer security services, announces the discovery of Worm/MyDoom. This new aggressive Internet worm is spreading globally with heavy concentrations initially in the United States and Europe.
"We're seeing fast spreading malicious worms being released one after another today," said Steven Sundermeier, Vice President of Products and Services at Central Command, Inc. "Unfortunately, initial reports of Worm/MyDoom have already surpassed the other new releases in a matter of minutes. The alarming rate of submissions closely mimics that of later variants of Worm/Sobig.F. This has all the characteristics of being the next big one."
Central Command's Emergency Virus Response Team has already confirmed over 3800 infections of Worm/MyDoom in fewer than 45 minutes of initial discovery.
Details of the Internet worm:
Name: Worm/MyDoom
Alias: W32.MyDoom@mm
Type: Internet Worm
Discovered: January 26, 2004
Size: 22.528KB
Platform: Windows 95/98/Me/NT/2000/XP
Description:
Worm/MyDoom is an Internet worm that has been seen spreading through email. The worm arrives through e-mail in the following format:
Subject:
"Test" "test" "Status"
Body:
"The message cannot be represented in 7-bit ASCII encoding and has been sent as a binary attachment."
"Mail transaction failed. Partial message is available."
"test"
Attachment:
document.zip
document.pif
doc.scr
message.pif
readme.exe
file.zip
message.zip
oia.zip
text.zip
Sadly the worm also uses spoofing, meaning that it will appear to have come from people it hasnt. This could result in many innocent addresses being blacklisted as worms are often mistaken for SPAM.