Worm exploits security paranoia to entice users into being
infected
Virus experts at Sophos have warned computer users of a new
variant of the MyDoom worm, which is hitting email inboxes
worldwide.
The W32/MyDoom-O worm travels
in the form of an email attachment, attached to a message
pretending to be from the user's internet provider's or company's
support team saying that their PC has been used by hackers to send
spam.
The MyDoom-O worm can generate a number of different emails when
spreading itself. A typical example sent by the virus looks as
follows:
Dear user <email address>,Your account was used to send a large amount of spam during
this week. Obviously, your computer had been compromised and now
runs a trojan proxy server.
Please follow instruction in order to keep your computer
safe.
Have a nice day,
<domain name> user support team.
So, if your email address was John.Smith@XYZCorp.com the email
would be signed from the "XYZCorp.com user support team".
"Computer users are becoming aware that spammers take over
innocent third party computers to send their marketing messages,"
said Graham Cluley, senior technology consultant for Sophos. "This
worm plays on that fear and pretends that users have already been
hacked and exploited by spammers. All computer users should keep
their anti-virus up-to-date and ensure they never launch an
unsolicited email attachment."
Sophos issued protection against the W32/MyDoom-O worm at 15:41
GMT on 26 July 2004. Customers using Enterprise Manager, PureMessage or the Sophos small business solutions
were automatically protected at their next scheduled update.
Sophos recommends companies protect their email with a consolidated solution to thwart the virus and spam
threats as well as secure their desktop and servers with
automatically updated anti-virus protection.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.