New Variant of MyDoom Virus

• Microsoft Windows Systems

A new variant of the MyDoom virus is spreading through email. In addition to infecting your computer and emailing itself to other machines, the virus may open a backdoor that could make your machine vulnerable to future attacks.

Solution

Avoid opening email attachments

Be sure you know the source of an attachment before opening it. Also remember that it is not enough that the mail originated from an email address you recognize. Many viruses spread precisely because they originate from a familiar email address.

Maintain updated anti-virus software

It is important that you use antivirus software and keep it up to date. Most antivirus software vendors frequently release updated information, tools, or virus databases to help detect and recover from virus infections. Many antivirus packages support automatic updates of virus definitions. US-CERT recommends using these automatic updates when possible.

This variant of MyDoom (known as MyDoom.M or MyDoom.O) is significant because it seems to be conducting searches on addresses it harvests from infected computers. Therefore, not only is email activity affected, response times in many popular search engines may be dramatically slower.

References

• MyDoom.B Virus - <http://www.us-cert.gov/cas/alerts/SA04-028A.html>
• US-CERT Computer Virus Resources - <http://www.us-cert.gov/other_sources/viruses.html>
• Understanding Anti-Virus Software - <http://www.us-cert.gov/cas/tips/ST04-005.html>
• Using Caution with Email Attachments - <http://www.us-cert.gov/cas/tips/ST04-010.html>
• Home Network Security - <http://www.cert.org/tech_tips/home_networks.html>
• Home Computer Security - <http://www.cert.org/homeusers/HomeComputerSecurity/

Author: Mindi McDowell. Feedback can be directed to US-CERT -->.

Copyright 2004 Carnegie Mellon University. Terms of use

Revision History

• July 26, 2004: Initial release
   

Last updated