IT & the Lawyer

Virulent Mydoom virus is foul

Virus characteristics
This is a mass-mailing worm that arrives in an e-mail message as follows:
From: (variety of spoofed senders)

Subject: (random subjects such as "Hello" and "test")

Body: (varies, such as)

  • The message cannot be represented in 7-bit ASCII encoding and has been sent as a binary attachment.
  • The message contains Unicode characters and has been sent as a binary attachment.
  • Mail transaction failed. Partial message is available.
Attachment: (varies [.exe, .pif, .cmd, .scr] - often arrives in a ZIP archive) (22,528 bytes)
The icon used by the file tries to make it appear as if the attachment is a text file.

The technical nature of the body is a new twist on so-called "social engineering" techniques used by virus writers to trick users into opening malicious file attachments, in that some users trust the authenticity of computer generated messages more than those apparently coming from other users.

Companies that follow recommended practices relating to secure e-mail use should be largely protected against the Mydoom virus and its variants, experts say. There is nothing about Mydoom, so far, that a combination of antivirus, e-mail filtering, and intrusion-detection technologies can't handle.


Leave a comment:

Security Picture (click to change)
Word shown in picture:
menu close

Search Articles