MyDoom E-mail Virus Turned Five This Year in January

The Windows PC virus MyDoom, which had made its debut on January 26, 2004, turned five years old on January 26, 2009. After its first appearance, MyDoom soon surpassed SoBig, another computer virus, and became the fastest proliferating e-mail malware ever.

Initially, e-mail spammers who created this virus used it to send junk e-mails through infected computers. While the real creator of MyDoom is not known, a number of security companies believe that it is the initiation of a Russian programmer working professionally in the underground world. However, McAfee employee, Craig Schmugar, gave the worm its name 'MyDoom' after seeing the word 'mydom' in the malware's code.

Paul Wood, Senior Analyst at MessageLabs, said that initially researchers could not determine the number of infected computers as the virus impacted the e-mail systems drastically, as reported by ITPRO on January 26, 2009.

Wood further said that when MyDoom spread, it spoofed the address given in the "from" section of the e-mail. Moreover, during those days, users did not have their e-mail gateway configured to block malware as they have it now. At that time, user's antivirus detected the e-mail message containing this worm typically send a return e-mail to the recipient mentioning about the attempt to transmit a virus. Consequently, a large amount of traffic got generated in addition to the numerous spoofed e-mails containing the virus because the virus signatures initiated the corresponding alert messages.

Besides, there was huge impact on Internet users as the amount of e-mails was very high. According to some estimates, the amount of e-mails was in millions, but it was less than a million. However, such e-mail attacks were likely to be low if companies and individuals knew the methods of defending themselves.

According to MessageLabs, during its peak, e-mails containing the worm are one in every twelve messages that cloged networks and could lead to unauthorized access as well. Also, MyDoom has had two main versions, MyDoom.A and MyDoom.B, with other variants constantly emerging but in comparatively fewer numbers.

Related article: MyDoom Virus Hits Major Online Networks in South Korea and US

» SPAMfighter News - 2/15/2009