Virus

3 Comments

Just in case you haven't heard yet: all those emails you're getting with the .pif and .scr and .exe and .zip attachments, them there is viruses. Okay, virus-like software, but close enough. It's called MyDoom or Novarg (link is to Symantec's page about it, which probably gives more technical detail than you care about; see also PCWorld article and Times Online article).

The idea is that if a Windows user double-clicks the attachment, it runs malicious code that installs a backdoor on the system, opening it up to further attack down the road. The virus has no effect on Macintosh or UNIX systems, except to flood their mailboxes and mail servers—I've received nearly 250 copies of it since midafternoon Monday.

As is becoming common, the "From" line in these messages is completely made up. So something like half the copies of the virus I'm receiving at this point are email bounces—the virus sent out a copy of itself, from some other computer, with a From line like tony (or whoever) @kith.org, and the message bounced, and so the destination mail server sends a bounce message "back" to what it thinks is the originating email address, so it comes to me.

Anyway. Ignore 'em, delete 'em, for heaven's sake don't open the attachments. And if you already have (on a Windows system), then update your virus-scanning tools and zap the virus.

3 Responses to “Virus”

  1. Jed

    One interesting note about this particular worm: it appears to know about common first names in the US, so people whose usernames are common first names are getting hit unusually hard. If you’re trying to reach someone whose email address is george@something or sue@something, you may have a hard time; their email quota may have been exceeded by copies of the worm.

    reply

  2. Joe

    (Sorry about the blank post above. Accidentally hit Enter before tabbing to the textbox.)

    I thought I heard something this morning that the MyDoom virus also included a keystroke logger, which would allow them to capture passwords, credit card information, or anything else you typed in. I can’t find any information to that effect now, though, so I might be misremembering.

    Either way, you don’t want the virus! Viruses are bad! 🙂

    reply

  3. Jed

    I’ve received about a thousand copies of MyDoom in the past 48 hours, so that’s an average of one about every three minutes. The rate seems to be accelerating, too; today it’s been more like one a minute. Sigh.

    reply

Join the Conversation