Sophos technical support has warned users of the W32/MyDoom-A worm which is spreading widely across the Internet.
The MyDoom worm (also known as Novarg or Mimail-R) spreads via e-mail, using a variety of technical-sounding subject lines and attachment names. If the attached file is launched, and the worm activated, the infected computer`s hard disk is harvested by the worm for more e-mail addresses to send itself to. The worm opens a backdoor onto infected computers which allows hackers to gain access.
The worm also spreads via the KaZaA file sharing network, and is believed to have been designed to launch a denial of service (DoS) attack against SCO`s Web site from infected computers.
"MyDoom is unlike many other mass-mailing worms we have seen in the past, because it does not try to seduce users into opening the attachment by offering sexy pictures of celebrities or private messages," said Brett Myroff, CEO of NetXactics, local Sophos distributor.
"MyDoom can pose as a technical-sounding message, claiming that the e-mail body has been put in a attached file. Of course, if you launch that file you are potentially putting your data and computer straight into the hands of hackers.
"When the MyDoom worm forwards itself via e-mail, it can create its attachment in either Windows executable or Zip file format. It is possible the worm`s author did this in an attempt to bypass company filters which try and block EXE files from reaching their users from the outside world," continued Myroff.
Sophos has published a detailed analysis and protection against W32/MyDoom-A here. Enterprise Manager customers are automatically protected at the time of their next scheduled update.
Share
