A new variant of the MyDoom worm has emerged - a year after the first variant wreaked havoc on the Internet.
Anti-virus (AV) vendor Trend Micro says the worm, which poses as a failed e-mail delivery notification, first surfaced on 16 February and is already spreading in Singapore and the US.
The company rates the worm as a medium threat, while AV vendor F-Secure has set it as a level-two warning, meaning the virus will have an impact on computer users but the threat is not yet critical.
The MyDoom variant has been repackaged, possibly not by the original author, in an attempt to avoid detection by anti-virus products, says Brett Myroff, CEO of local Sophos distributor Netxactics.
"What is ingenious about this worm is the way it can find e-mail addresses of potential victims. Like many other e-mail worms, it searches hard drives for e-mail addresses, but then it uses the domain names it has found to discover other victims via search engines," explains Myroff.
The original version of the MyDoom-O worm disrupted the Google Web site for a short while in July 2004, making it inaccessible to many users, as it tried to harvest e-mail addresses from the search engine, says Myroff.
The latest variant seeks to use a number of Internet search engines - Google, Yahoo, Lycos and AltaVista - to harvest addresses and mail itself, he adds.
"Unlike last year, we don`t expect to see Google whacked by this worm. Right now we are not seeing anything like as many reports of this new version of the MyDoom virus as we did last year - but it is spreading in the wild."
Related stories:
Hackers love Google
MyDoom just got worse
Hi to MyDoom
Share
