
MyDoom strikes - again

By Damian Clarkson, ITWeb junior journalist
Johannesburg, 17 Aug 2004

Another variant of the MyDoom worm has surfaced on computers around the world, and is arriving in e-mail containing the word "photo" in the subject line.

Brett Myroff, CEO of local Sophos distributor Netxactics, warns that consumers should avoid e-mail claiming to contain funny photographs. "Companies should their users to practise safe computing. This includes never opening unsolicited e-mail attachments and discouraging the sending and receiving of joke files, funny photographs and screensavers.

"This worm feeds on users' willingness to accept 'humorous' content on their desktop computers, but by doing this, they could be putting their entire company's at risk."

Myroff says the worm typically arrives in an e-mail with the following characteristics:

Subject line: photos

Message text: LOL!;))))

Attached file: photos_arc.exe

The MyDoom variant works much like a typical worm, says Myroff. Once it infects a PC, it harvests the machine for e-mail addresses and sends itself to each one. It then installs a backdoor on the PC to allow the creator to gain remote access and use the PC for sending spam.

Symantec account manager Stefan le Roux says the worm is one of a new evolution of viruses. "These newer viruses tend to do things differently to 'traditional' viruses. Perhaps the most notable thing is that, once opened, it can block users from getting access to security sites, so basically it prevents any anti-virus downloads."

Y3K MD Ryan Price adds that the worm seems to be spamming from a database or a cable modem pull. "This would suggest that earlier MyDoom variants set up this database."

Although the virus has not reached epic proportions, it is proving prevalent around the globe, says Price. "We've upgraded the virus to a level two threat. It is definitely affecting a lot of people, but is not yet a crisis.

"Earlier Monday morning, none of the anti-virus programs detected this variant, so it spread fast. However, most companies have since updated their anti-virus, which will slow it down. The virus itself is not so much malicious as annoying," explains Price.

According to Le Roux, the MyDoom variant will mostly affect Windows operating systems, while users running DOS, Linux, any of the Macintosh operating systems, Novell Netware, OS/2 or Unix would not be affected.
