MyDoom Worm Crawling Search Engines

Another strain of the MyDoom worm is on the loose and is spreading quickly today, according to antivirus firm Sophos. The new MyDoom variant emerged yesterday and can use search engines Google, Yahoo, Lycos and AltaVista to try to gather e-mail addresses to send itself to.

The original version of the MyDoom worm disrupted Google for a short while last summer, making it inaccessible to many users as it tried to harvest e-mail addresses from the search engine.

“Right now, we’re not seeing anything like as many reports of this new version of the MyDoom-O virus as we did last July — but it is spreading in the wild,” Graham Cluley, senior technology consultant for Sophos, said.

Various Names

The worm, which appears to most often be called, appears under various aliases, including: MyDoom-O, MyDoom.BB, MyDoom.M, Email-Worm.Win32.Mydoom.m, W32/, Email-Worm.Win32.Mydoom.ak, Email-Worm.Win32.Mydoom.m, W32.Mydoom.AS@mm, W32.Mydoom.AU@mm, W32/Downloader, W32/Mydoom, W32/MyDoom-AR, W32/MyDoom-O, W32/Mydoom.AY@mm, W32/, W32/, Win32.Mydoom.AT, Win32.Mydoom.AU, Win32/Mydoom.AO@mm, Win32/Mydoom.AU!Worm, Win32/Mydoom.Variant!Worm, WORM_MYDOOM.AR, WORM_MYDOOM.AU, WORM_MYDOOM.M.

“Unlike last year, we don’t expect to see Google whacked by this worm. Computer users who have kept their antivirus automatically up-to-date and are wary of opening unsolicited e-mail attachments should have little to fear.”

Sophos recommends companies protect their e-mail gateways with a consolidated solution to defend against viruses and spam. The firm said businesses should also secure their desktop and servers with automatically updated protection. But what about online shoppers?

Online Consumer Confidence

Ken Dunham, the director of malicious code research at iDefense, a Reston, Virginia-based threat intelligence firm, told the E-Commerce Times that the number of malicious code attacks in the past few years is not helping consumer confidence in the online channel.

“The average end user feels like there’s nothing much that they can do,” Dunham said. “For some consumers, the problem is so overwhelming that it almost results in complacency. But online shopping is not unlike any risk activity we might engage in.

“If someone is going to go bungie jumping, they are going to wear a helmet and make sure that the cable is safe before they jump. Much the same, we should use safe computing practices when we are on the Internet.”

Smart Worms, Smart Solutions

Analysts said that as worms get more sophisticated, security systems must also get more sophisticated. Cluley said what is ingenious about the MyDoom virus is the way it can find e-mail addresses of potential victims. Like many other e-mail worms, it searches your hard drive for e-mail addresses, but then it uses the domain names it has found to discover other victims via search engines.

“If it finds the e-mail address [email protected] on your hard drive, it then searches Google and perhaps finds Donald Duck and Bambi’s e-mail addresses too!” Cluely said.

Software vendors are offering solutions to fight against phishing and viruses that are plaguing e-commerce. The Anti-Phishing Working Group and The Phish Report Network are fighting against phishing attacks. HP and Microsoft also have joined the effort, recently announcing antivirus software. And anti-spam groups are still waging war against unsolicited e-mail — all efforts to make the Internet a safer place.

“We just need to come to a realization that the Internet is like a great big city and there’s crime in that city,” Dunham said. “In some places it’s darker than others. We need to make sure that we are walking around where the lights are on and being as safe as we can. It’s about lowering risk, not completely removing it.”

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

E-Commerce Times Channels