Doomjuice worm shows that viruses don't just spread by email, says Sophos

Sophos Press Release

Virus experts at Sophos have warned of a new worm called W32/Doomjuice-A, which travels via the internet looking to attack computers which are infected with the widespread W32/MyDoom-A worm. Unlike MyDoom, the Doomjuice worm does not travel by email.

As part of its infection process, MyDoom opened a backdoor onto the compromised machine, which virus experts warned could be used to upload or download files.

Doomjuice is using computers it has managed to infect (known as "zombies") to launch a distributed denial of service attack against Microsoft in an effort to bring down their website, Sophos researchers believe that Doomjuice and MyDoom are likely to have been written by the same author.

"Doomjuice is yet another example that viruses do not only spread via email," explained Graham Cluley, senior technology consultant at Sophos. "By taking advantage of the backdoor left open by MyDoom, Doomjuice is just one example of what a virus writer can do when computer security is not maintained. It is a good idea to run anti-virus software both at email gateways and on users' desktops."

"Being a good member of the internet community, means ensuring that your computer is not part of the problem. Computers which are not properly protected from hacker and virus attacks contribute to the problem - in this case, a serious attempt to blast Microsoft's website off the internet," continued Cluley.

Sophos recommends that users ensure that their anti-virus is up to date and that they have a firewall in place to prevent access from potentially infected non-trusted networks.

More than 100 million users in 150 countries rely on Sophos’ complete security solutions as the best protection against complex threats and data loss. Simple to deploy, manage, and use, Sophos’ award-winning encryption, endpoint security, web, email, mobile and network security solutions are backed by SophosLabs - a global network of threat intelligence centers. Sophos is headquartered in Oxford, U.K., and is publicly traded on the London Stock Exchange under the symbol “SOPH.” More information is available at