 |
| Embedded inside the worms is a message to the
anti-virus community. |
The creators of the latest versions of the MyDoom email worm
have embedded a secret message inside their code, asking for a job
in the anti-virus industry, researchers at Sophos have
discovered.
The W32/MyDoom-V and W32/MyDoom-U worms spread
via email in the form of an email file attachment. If innocent
users launch the malicious file, the worms activate and may attempt
to download a backdoor Trojan horse called Surila.
Hidden inside these worm's code is a message which does not get
displayed on infected users' computers:
We searching 4 work in AV industry.
"It's hard to tell if the creators of these new versions of the
MyDoom worm are being serious, but there is no way that anybody in
the anti-virus industry would touch them with a bargepole," said
Graham Cluley, senior technology consultant for Sophos. "It's very
simple - if you write a virus, we will never ever employ you. Not
only is it unethical to write malicious code, but it raises issues
as to whether you could ever be trusted to develop the software
which protects millions of users around the world from attack every
day."
Sophos believes the skills required to write reliable anti-virus
software are very different from those shown by a virus writer.
"Anti-virus software is much more difficult to write than a
computer virus. Anti-virus developers have to ensure that their
software works reliably, detecting over 90,000 computer viruses on
a wide variety of operating systems and network configurations
without making mistakes or causing problems. Virus writers don't
care if their code crashes or causes incompatabilities - you don't
have to be a genius to write a virus," continued Cluley.
Although the MyDoom-V and MyDoom-U worms were only discovered on
9 September 2004, Sophos anti-virus products have been capable of
detecting them proactively through its generic detection
capabilities as W32/MyDoom-Gen since 27 August 2004.
"Sophos's proactive detection of the new versions of these worms
demonstrates the high quality of the work done by our research and
development teams. Technology like this has made the Sophos product
line the ideal choice for businesses around the globe," said
Cluley.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.