Press Releases

Browse our press release archive

17 Feb 2005

New version of MyDoom-O spreading in the wild, Sophos reports on the return of the worm


The original outbreak of the MyDoom worm disrupted access to the Google search engine for a few hours in July 2004.

Experts at SophosLabsâ„¢, Sophos's global network of virus and spam analysis centres, have warned users to be on guard against a new version of the MyDoom-O worm which emerged overnight.

The original version of the MyDoom-O worm disrupted the popular Google website for a short while in July 2004, making it inaccessible to many users, as it tried to harvest email addresses from the search engine.

The new version has been repacked, possibly not by the original author, in an attempt to avoid detection by anti-virus products. However, Sophos's anti-virus products have been detecting this new version since 22:54 GMT on 16 February 2005.

"Right now, we're not seeing anything like as many reports of this new version of the MyDoom-O virus as we did last July - but it is spreading in the wild," said Graham Cluley, senior technology consultant for Sophos. "Unlike last year, we don't expect to see Google whacked by this worm. Computer users who have kept their anti-virus automatically up-to-date and are wary of opening unsolicited email attachments should have little to fear."

The MyDoom-O worm can use the internet search engines Google, Yahoo, Lycos and AltaVista to try and gather email addresses to send itself to.

"What is ingenious about the MyDoom-O virus is the way it can find email addresses of potential victims. Like many other email worms it searches your hard drive for email addresses, but then it uses the domain names it has found to discover other victims via search engines," explained Cluley. "So, if it finds the email address mickey.mouse@disney.com on your hard drive, it then searches Google and perhaps finds Donald Duck and Bambi's email addresses too!"

Sophos recommends companies protect their email gateways with a consolidated solution to defend against viruses and spam. Businesses should also secure their desktop and servers with automatically updated protection.

About Sophos

More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing complete security solutions that are simple to deploy, manage, and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, mobile and network security solutions backed by SophosLabs - a global network of threat intelligence centers.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy