Newest Variant of MyDoom Virus Packs a Punch

by Cynthia Heitzler

Security firms are again advising computer users not to open mysterious-looking e-mails or click on their attachments if they are not certain of the sender's identity. MyDoom.F arrives in e-mail in-boxes carrying a variety of subject header lines including: "Approved," "Your Credit Card" and "You use illegal File Sharing...Your IP was logged." It is programmed to infect personal computers and use them to unleash a crippling digital barrage known as a denial-of-service attack on select Web sites belonging to Microsoft Corp. and the Recording Industry Association of America (RIAA).

Computer viruses have evolved over the years to turn unsecured computers into "zombie" machines capable of carrying out the virus writer's commands. Typically, this army of commandeered machines is used to send out torrents of e-mail spam messages, unleash digital attacks on targeted Web sites and, in some cases, host Web sites that sell everything from vitamins to pornography.

Denial of Service Attack
A primary goal of a denial-of-service attack is to deny the victim(s) access to a particular resource. Included is information that may help you respond to such an attack. Denial-of-service attacks can essentially disable your computer or your network. Depending on the nature of your enterprise, this can effectively disable your organization.

Although, it doesn't spread as quickly as last weeks Ntesky.B attack, the current variant of the MyDoom virus is considered a growing risk as it deletes Microsoft Work and Excel documents as well as photos and movies at random.

Mikko Hypponen, manager of anti-virus research firm F-Secure says "...we haven't seen a destructive virus like this in a while."

What you should do:

• If you don't already have one, install a virus protection program and a personal firewall
• Update your definitions

Some practical tips you can use:

• Don't automatically open e-mail attachments or open attachments from an unknown source.
• Don't open unexpected e-mail attachments, or .
• Don't download programs from Web sites, unless you know and trust the source.
• Update your anti-virus software at least every two weeks.

For more information:

• MyDoom Returns for Round 2
• New MyDoom Virus Packs a Wallop
• CERT? Coordination Center: Denial of Service Attacks
• Symantec Security Response: W32.Mydoom.F@mm
• McAfee Virus Profile: W32/Mydoom.f@MM
• Computer Associates: Win32.Mydoom.F

First published on BankersOnline.com 02/25/04