New Variant of MyDoom Virus

Systems Affected

Microsoft Windows Systems

Overview

A new variant of the MyDoom virus is spreading through email. In addition to infecting your computer and emailing itself to other machines, the virus may open a backdoor that could make your machine vulnerable to future attacks.

Solution

Avoid opening email attachments

Be sure you know the source of an attachment before opening it. Also remember that it is not enough that the mail originated from an email address you recognize. Many viruses spread precisely because they originate from a familiar email address.

Maintain updated anti-virus software

It is important that you use antivirus software and keep it up to date. Most antivirus software vendors frequently release updated information, tools, or virus databases to help detect and recover from virus infections. Many antivirus packages support automatic updates of virus definitions. US-CERT recommends using these automatic updates when possible.

Description

This variant of MyDoom (known as MyDoom.M or MyDoom.O) is significant because it seems to be conducting searches on addresses it harvests from infected computers. Therefore, not only is email activity affected, response times in many popular search engines may be dramatically slower.

References

MyDoom.B Virus – <http://www.us-cert.gov/cas/alerts/SA04-028A.html>

US-CERT Computer Virus Resources – <http://www.us-cert.gov/other_sources/viruses.html>

Understanding Anti-Virus Software – <http://www.us-cert.gov/cas/tips/ST04-005.html>

Using Caution with Email Attachments – <http://www.us-cert.gov/cas/tips/ST04-010.html>

Home Network Security – <http://www.cert.org/tech_tips/home_networks.html>

Home Computer Security – <http://www.cert.org/homeusers/HomeComputerSecurity/

Author: Mindi McDowell. Feedback can be directed to US-CERT –>.