MyDoom-O computer worm spreading quickly via email, Sophos reports

Sophos Press Release

Worm exploits security paranoia to entice users into being infected

Virus experts at Sophos have warned computer users of a new variant of the MyDoom worm, which is hitting email inboxes worldwide.

The W32/MyDoom-O worm travels in the form of an email attachment, attached to a message pretending to be from the user's internet provider's or company's support team saying that their PC has been used by hackers to send spam.

The MyDoom-O worm can generate a number of different emails when spreading itself. A typical example sent by the virus looks as follows:

Dear user <email address>,

Your account was used to send a large amount of spam during this week. Obviously, your computer had been compromised and now runs a trojan proxy server.

Please follow instruction in order to keep your computer safe.

Have a nice day,
<domain name> user support team.

So, if your email address was the email would be signed from the " user support team".

"Computer users are becoming aware that spammers take over innocent third party computers to send their marketing messages," said Graham Cluley, senior technology consultant for Sophos. "This worm plays on that fear and pretends that users have already been hacked and exploited by spammers. All computer users should keep their anti-virus up-to-date and ensure they never launch an unsolicited email attachment."

Sophos issued protection against the W32/MyDoom-O worm at 15:41 GMT on 26 July 2004. Customers using Enterprise Manager, PureMessage or the Sophos small business solutions were automatically protected at their next scheduled update.

Sophos recommends companies protect their email with a consolidated solution to thwart the virus and spam threats as well as secure their desktop and servers with automatically updated anti-virus protection.

More than 100 million users in 150 countries rely on Sophos’ complete security solutions as the best protection against complex threats and data loss. Simple to deploy, manage, and use, Sophos’ award-winning encryption, endpoint security, web, email, mobile and network security solutions are backed by SophosLabs - a global network of threat intelligence centers. Sophos is headquartered in Oxford, U.K., and is publicly traded on the London Stock Exchange under the symbol “SOPH.” More information is available at