Experts at SophosLabs™, Sophos's global network of virus and
spam analysis centres, have successfully defended customers against
multiple attacks by new versions of the Mytob worm this weekend,
using proactive technology.
The author of the Mytob worms appears to have deliberately
waited until the weekend before releasing five new versions:
Sophos's proactive Genotype™ technology was capable of detecting
all five as new versions of the Mytob worm (naming them
W32/MyDoom-Gen), defending customers computers without requiring an
The Mytob worms spread via email, planting a backdoor Trojan
horse which can be used by remote hackers to gain access and
control over a victim's computer. The computer can then be spied
upon (to steal confidential information), or used to send spam or
launch denial of service attacks.
Genotype™ detection technology uses forensic analysis to
identify suspicious patterns and characteristics that are unique to
either a virus family or a spam campaign. By analyzing these
Genotype patterns, Sophos reduces exposure to new unidentified
threats and unwanted content.
"Hundreds of new virus threats, many with a number of variants,
emerge each month. Sophos's unique Genotype technology helps
protect businesses worldwide against new attacks - even before they
have been seen by anti-virus experts," said Graham Cluley, senior
technology consultant for Sophos. "All companies should consider
combining traditional anti-virus protection with proactive Genotype
detection, as well as investigating putting an email security
policy in place at their gateways. Millions of Sophos customers are
already benefiting from this high level of protection."
Sophos's Genotype technology also protected users against a new
version of the MyDoom worm, W32/MyDoom-AJ, which
emerged this weekend.