11 Feb 2004
"MyDoom-D" worm poses no problem for Sophos users
Sophos virus experts have reassured customers that they are
already protected against the worm some anti-virus vendors are
calling "MyDoom-D".
Sophos products can detect "MyDoom-D" using the W32/MyDoom-A update
released on 27 January. MyDoom-D is only marginally different from
the original MyDoom worm, replacing the text "Mail transaction
failed" with "ROFL HELLO SAM HOWS UPZ".
"Some anti-virus vendors have had to release updates to protect
against what they are calling MyDoom-D. However, this is only a
very slightly altered version of the original MyDoom worm, and
Sophos's anti-virus products pro-actively detect it without
requiring additional updates," said Graham Cluley, senior
technology consultant for Sophos. "The only real difference between
the original MyDoom worm and this minor alteration is that some
script kiddie has used a hex editor to shove a childish greeting
inside the worm."
Sophos has published more information about the
MyDoom worms
About Sophos
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing complete security solutions that are simple to deploy, manage, and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, mobile and network security solutions backed by SophosLabs - a global network of threat intelligence centers.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.