"MyDoom-D" worm poses no problem for Sophos users

Sophos Press Release

Sophos virus experts have reassured customers that they are already protected against the worm some anti-virus vendors are calling "MyDoom-D".

Sophos products can detect "MyDoom-D" using the W32/MyDoom-A update released on 27 January. MyDoom-D is only marginally different from the original MyDoom worm, replacing the text "Mail transaction failed" with "ROFL HELLO SAM HOWS UPZ".

"Some anti-virus vendors have had to release updates to protect against what they are calling MyDoom-D. However, this is only a very slightly altered version of the original MyDoom worm, and Sophos's anti-virus products pro-actively detect it without requiring additional updates," said Graham Cluley, senior technology consultant for Sophos. "The only real difference between the original MyDoom worm and this minor alteration is that some script kiddie has used a hex editor to shove a childish greeting inside the worm."

Sophos has published more information about the MyDoom worms

More than 100 million users in 150 countries rely on Sophos’ complete security solutions as the best protection against complex threats and data loss. Simple to deploy, manage, and use, Sophos’ award-winning encryption, endpoint security, web, email, mobile and network security solutions are backed by SophosLabs - a global network of threat intelligence centers. Sophos is headquartered in Oxford, U.K., and is publicly traded on the London Stock Exchange under the symbol “SOPH.” More information is available at www.sophos.com/company.