|The MyDoom-S worm poses as a collection of funny photographs.|
Worm attempts to open backdoor to allow hackers access to infected computers
Experts at Sophos have warned users to be wary of unsolicited emails claiming to contain funny photographs, after the latest variant of the MyDoom worm (W32/MyDoom-S) was spammed to internet users around the world. If innocent computer users open the email attachment they run the risk of the worm opening a backdoor which will allow hackers to gain remote access to the PC.
The MyDoom-S worm (also known as Ratos) arrives in an email with the following characteristics:
Subject line: photos
Message text: LOL!;))))
Attached file: photos_arc.exe
"Companies should educate their users to practise safe computing - that includes never opening unsolicited email attachments and discouraging the sending and receiving of joke files and funny photographs and screensavers," said Graham Cluley, senior technology consultant for Sophos. "This worm feeds on people's habit to willingly accept 'humorous' content on their desktop computer, but they could be putting their entire company's data at risk."
Sophos issued protection against the W32/MyDoom-S worm at 06:43 GMT on 16 August 2004. Customers using Enterprise Manager, PureMessage or the Sophos small business solutions were automatically protected at their next scheduled update.
Sophos recommends companies protect their email with a consolidated solution to thwart the virus and spam threats as well as secure their desktop and servers with automatically updated anti-virus protection.
"All companies should consider blocking executable content from the outside world at the email gateway," continued Cluley.
Sophos reminds the internet community that both Microsoft and SCO have issued substantial rewards totalling $500,000 for information which leads to the successful conviction of those behind the MyDoom worm.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.