Off topic: Tricky 'MyDoom' e-mail worm spreading quickly
Thread poster: Monika Coulson

Monika Coulson  Identity Verified
Local time: 20:16
Member (2001)
English to Albanian
+ ...
Jan 27, 2004

I have alrealdy received three infected emails this morning (of course, I deleted them right away.)

I hope you will find the following article helpful (

Worm launches attack on site for Unix-owner SCO Group.

By Jeordan Legon
CNN -- Hackers unleashed an agile worm Monday -- using a sneaky, fairly new tactic to get unsuspecting computer users to diffuse their malicious code.

Dubbed "W32/MyDoom" or "Novarg," the worm circulated so fast anti-virus firms quickly raised threat warnings to "high" saying the bug was one of the worst in recent months.

The worm is contained in e-mails with random senders' addresses and subject lines. While the body of the e-mail varies, it usually includes what appears to be an error message, such as: "The message cannot be represented in 7-bit ASCII encoding and has been sent as a binary attachment."

While many computer users are savvy about not opening executable files or other attachments that may contain viruses, the latest worm masks itself as an innocuous text document or a file that your computer appears unable to read.

"This one is almost begging you to click on the attachment," said Sharon Ruckman, the head of anti-virus firm Symantec's security response team.

When loaded, some versions of the worm launch Notepad and show random characters. At the same time it replicates itself and installs a "keystroke" program that allows a hacker to break in and record everything being typed, including passwords and credit card numbers.

The worm sends out a slew of messages that forced some companies to shut down their e-mail gateways to stop the infection, said Vincent Gullotto, who runs Network Associates' McAfee Anti-Virus Emergency Response Team.

MyDoom also appeared to launch a Denial of Service attack on the site for SCO Group, a California company which recently sued IBM, challenging that firm's intellectual property in parts of Linux. was inaccessible for some time Monday afternoon.

Anti-virus experts said MyDoom was on track to hit even more machines than Nimda, a 2001 worm that spread widely with an attachment that read "Readme.exe."

This time, besides the "binary attachment" message, MyDoom comes with all different file extensions including .pif, .zip and .csr. It also uses an attachment icon similar to one used for Windows text messages. All of this, security experts warn, was succeeding in tricking people into thinking the e-mail was legitimate.

After a relative lull in the number of viruses distributed during the holidays, anti-virus experts expected a hectic Tuesday as office workers fired-up their computers and unwittingly spread the worm.

Two other less prominent worms, Mimail.Q and Dumaru, were also making their way around the Internet.

Mimail.Q changes the body and attachment over time, but, for now, some of the e-mails containing the worm used the subject line: "Hi my sweet Nancy."

Dumaru comes with the subject line "Important information for you. Read it immediately!" and includes an attachment called

"The virus writers [are] ... back from vacation and they've started pushing out their creations," Gullotto warned.

Direct link Reply with quote
R. James
United States
Local time: 22:16
Portuguese to English
+ ...
You know... Jan 27, 2004

...being a Mac user really has its advantages.

Direct link Reply with quote

Florence B  Identity Verified
Local time: 04:16
Member (2002)
English to French
+ ...
Lucky you... Jan 27, 2004

Monika Coulson wrote:

I have alrealdy received three infected emails this morning (of course, I deleted them right away.)

... I'm at over 200 since this morning, and counting.
My Panda kills them all but he's fed up
Somehow the virus has found one of my domain names and it tries all the possible email addresses combining it with all the calendar saints names - I get them from the catchall box.


Direct link Reply with quote

Jeannie Graham  Identity Verified
United Kingdom
Local time: 03:16
German to English
+ ...
same here Jan 27, 2004

200 and more and still counting.
My virus software catches them all, but every time I write a few words in a doc a new mail pops up and guess what - yes another virus mail caught.
Just a good reminder to do a virus update each day I suppose, but still very very annoying!

Direct link Reply with quote

Local time: 04:16
English to French
+ ...
Thank you Jan 27, 2004

to have posted the info here. I immediately update my AVG, not waiting tonight for the automatic update.

Who knows how many problems you avoided me ?

Direct link Reply with quote

Monika Coulson  Identity Verified
Local time: 20:16
Member (2001)
English to Albanian
+ ...
Anti-virus vendor: One in 12 e-mails infected Jan 27, 2004

(As of Tuesday, January 27, 2004, 1740 GMT) Anti-virus vendor: One in 12 e-mails infected.

Experts: Vicious worm 'Linux war' weapon.

The worm -- dubbed "MyDoom," "Novarg" or "WORM_MIMAIL.R" -- was copying itself at a fierce pace, so fast that some companies were having to shut down their mail servers to stop it. And a new clue was emerging as to the source of the infection.


Direct link Reply with quote

To report site rules violations or get help, contact a site moderator:

Moderator(s) of this forum
Fernanda Rocha[Call to this topic]

You can also contact site staff by submitting a support request »

Tricky 'MyDoom' e-mail worm spreading quickly

Advanced search

SDL Trados Studio 2017 Freelance
The leading translation software used by over 250,000 translators.

SDL Trados Studio 2017 helps translators increase translation productivity whilst ensuring quality. Combining translation memory, terminology management and machine translation in one simple and easy-to-use environment.

More info »
BaccS – Business Accounting Software
Modern desktop project management for freelance translators

BaccS makes it easy for translators to manage their projects, schedule tasks, create invoices, and view highly customizable reports. User-friendly, integration, community-driven development – a few reasons BaccS is trusted by translators!

More info »

  • All of
  • Term search
  • Jobs
  • Forums
  • Multiple search