Off topic: Tricky 'MyDoom' e-mail worm spreading quickly
Thread poster: Monika Coulson
| | Monika Coulson
Local time: 02:07
English to Albanian
I have alrealdy received three infected emails this morning (of course, I deleted them right away.)
I hope you will find the following article helpful (http://www.cnn.com/2004/TECH/internet/01/26/mydoom.worm/index.html)
Worm launches attack on site for Unix-owner SCO Group.
By Jeordan Legon
CNN -- Hackers unleashed an agile worm Monday -- using a sneaky, fairly new tactic to get unsuspecting computer users to diffuse their malicious code.
Dubbed "W32/MyDoom" or "Novarg," the worm circulated so fast anti-virus firms quickly raised threat warnings to "high" saying the bug was one of the worst in recent months.
The worm is contained in e-mails with random senders' addresses and subject lines. While the body of the e-mail varies, it usually includes what appears to be an error message, such as: "The message cannot be represented in 7-bit ASCII encoding and has been sent as a binary attachment."
While many computer users are savvy about not opening executable files or other attachments that may contain viruses, the latest worm masks itself as an innocuous text document or a file that your computer appears unable to read.
"This one is almost begging you to click on the attachment," said Sharon Ruckman, the head of anti-virus firm Symantec's security response team.
When loaded, some versions of the worm launch Notepad and show random characters. At the same time it replicates itself and installs a "keystroke" program that allows a hacker to break in and record everything being typed, including passwords and credit card numbers.
The worm sends out a slew of messages that forced some companies to shut down their e-mail gateways to stop the infection, said Vincent Gullotto, who runs Network Associates' McAfee Anti-Virus Emergency Response Team.
MyDoom also appeared to launch a Denial of Service attack on the site for SCO Group, a California company which recently sued IBM, challenging that firm's intellectual property in parts of Linux. SCO.com was inaccessible for some time Monday afternoon.
Anti-virus experts said MyDoom was on track to hit even more machines than Nimda, a 2001 worm that spread widely with an attachment that read "Readme.exe."
This time, besides the "binary attachment" message, MyDoom comes with all different file extensions including .pif, .zip and .csr. It also uses an attachment icon similar to one used for Windows text messages. All of this, security experts warn, was succeeding in tricking people into thinking the e-mail was legitimate.
After a relative lull in the number of viruses distributed during the holidays, anti-virus experts expected a hectic Tuesday as office workers fired-up their computers and unwittingly spread the worm.
Two other less prominent worms, Mimail.Q and Dumaru, were also making their way around the Internet.
Mimail.Q changes the body and attachment over time, but, for now, some of the e-mails containing the worm used the subject line: "Hi my sweet Nancy."
Dumaru comes with the subject line "Important information for you. Read it immediately!" and includes an attachment called myphoto.zip.
"The virus writers [are] ... back from vacation and they've started pushing out their creations," Gullotto warned.
| || || |
| | R. James
Local time: 04:07
Portuguese to English
...being a Mac user really has its advantages.
| | Jeannie Graham
Local time: 09:07
German to English
200 and more and still counting.
My virus software catches them all, but every time I write a few words in a doc a new mail pops up and guess what - yes another virus mail caught.
Just a good reminder to do a virus update each day I suppose, but still very very annoying!
| | lien
Local time: 10:07
English to French
to have posted the info here. I immediately update my AVG, not waiting tonight for the automatic update.
Who knows how many problems you avoided me ?
| Anti-virus vendor: One in 12 e-mails infected || Jan 27, 2004 |
(As of Tuesday, January 27, 2004, 1740 GMT) Anti-virus vendor: One in 12 e-mails infected.
Experts: Vicious worm 'Linux war' weapon.
The worm -- dubbed "MyDoom," "Novarg" or "WORM_MIMAIL.R" -- was copying itself at a fierce pace, so fast that some companies were having to shut down their mail servers to stop it. And a new clue was emerging as to the source of the infection.
To report site rules violations or get help, contact a site moderator:
You can also contact site staff by submitting a support request »
Tricky 'MyDoom' e-mail worm spreading quickly
|Anycount & Translation Office 3000|
|Translation Office 3000|
Translation Office 3000 is an advanced accounting tool for freelance translators and small agencies. TO3000 easily and seamlessly integrates with the business life of professional freelance translators.
More info »
|Translation Memory Software for Any Platform|
Exclusive discount for ProZ.com users!
Save over 13% when purchasing Wordfast Pro through ProZ.com. Wordfast is the world's #1 provider of platform-independent Translation Memory software. Consistently ranked the most user-friendly and highest value
More info »