Worm creates possessed zombie army to attack SCO
website
 |
| The MyDoom worm can make a zombie of your
computer |
Sophos technical support has warned users of the W32/MyDoom-A which is
spreading widely across the internet.
MyDoom-A quick links:
The MyDoom worm (also known as Novarg or Mimail-R) spreads via
email, using a variety of technical-sounding subject lines and
attachment names. If the attached file is launched, and the worm
activated, the infected computer's hard disk is harvested by the
worm for more email addresses to send itself to. The worm opens a
backdoor onto infected computers which allows hackers to gain
access.
The worm also spreads via the KaZaA file sharing network, and
launches a denial of service (DoS) attack from infected computers
(known as "zombies") against SCO's website between 1 and 12
February.
"MyDoom is unlike many other mass-mailing worms we have seen in
the past, because it does not try to seduce users into opening the
attachment by offering sexy pictures of celebrities or private
messages," said Graham Cluley, senior technology consultant for
Sophos. "MyDoom can pose as a technical-sounding message, claiming
that the email body has been put in an attached file. Of course, if
you launch that file you are potentially putting your data and
computer straight into the hands of hackers."
"When the MyDoom worm forwards itself via email, it can create
its attachment in either Windows executable or Zip file format. It
is possible the worm's author did this in an attempt to bypass
company filters which try and block EXE files from reaching their
users from the outside world," continued Cluley.
Sophos has published a detailed analysis and
protection against W32/MyDoom-A. A standalone disinfection utility is
also available. Enterprise Manager
customers are automatically protected at the time of their next
scheduled update.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.