Outside the Beltway

‘MY DOOM’ WORM

· Tuesday, January 27, 2004 · 5 comments

Speedy Worm Invades E-Mail In-Boxes

A rapidly spreading e-mail worm on Monday afternoon shut down e-mail systems at several large corporations and is causing problems for computer users connected to the Internet, security experts said.

Known as “MyDoom,” it is the fastest spreading e-mail worm ever, according to Network Associates, the Santa Clara, Calif.-based maker of McAfee Antivirus software. The company classified it as a “high alert,” its most severe status level.

Mydoom is wreaking havoc with businesses and home computer users, said Steven Sundermeier, product manager for Central Command, an anti-virus company in Medina, Ohio. Sundermeier said the worm is spreading fastest in the United States and Europe.

The virus spreads in an e-mail message that looks like it was garbled during its journey to the recipient’s in-box. The body text urges recipients to click on the attached file if the contents of the message are damaged or unreadable. The virus launches when the attachment is opened.

I’ve gotten several e-mails with the worm itself or generated by people infected with it. What I don’t understand is WHY ARE PEOPLE STILL OPENING THESE ATTACHMENTS?! One would think even little old ladies who’ve never used a computer would know this by now.

FILED UNDER: Science & Technology,
James Joyner
About James Joyner
James Joyner is Professor and Department Head of Security Studies at Marine Corps University's Command and Staff College. He's a former Army officer and Desert Storm veteran. Views expressed here are his own. Follow James on Twitter @DrJJoyner.

Comments

  1. Paul says:
    Tuesday, 27 January 2004 at 08:58

    I am one of the few geeks that ignores all the worms and viruses. My customers don’t have those problems. If they do then I did not do my job.

    Don’t blame the users, blame the geeks. (such that they are) Preventing this stuff is blindingly simple. people just refuse to do it.

    P

  2. James Joyner says:
    Tuesday, 27 January 2004 at 09:00

    I get my e-mail through HostingMatters and my office server. I’ve gotten the worm attachment a handful of times from each, plus several of the messages that get forwarded from SCO.A by people infected.

  3. Paul says:
    Tuesday, 27 January 2004 at 10:35

    But did you click on the attachment?

    No?

    It wasn’t that hard now was it.

    (/snark)

  4. Fred Boness says:
    Tuesday, 27 January 2004 at 10:57

    I blame the geeks for returning e-mails. By now even little old ladies know that that virus e-mails use forged senders. What happens when some dopey/helpful mail system returns one of these worms is that they are really contributing to propagating them. I just LOVE getting e-mail from some system I never knew existed that is being “returned” to me BECAUSE THEY HAVE FOUND A VIRUS IN IT! Gee, thanks.

  5. Pat J says:
    Sunday, 1 February 2004 at 21:51

    I wonder why anyone with any computer experience at all would open an attachment that they did not know by personal knowledge to be secure. DUH!

    I’ve received several infected attachments in the last week, including the ‘mydoom’ worm. All of the attachments were sent through my pop mail address’. One of my best “guards” againt virus and worms along with norton has been an alert to all my “main” mail addresses, not to send attachments of any kind, because I will not open them no matter how important. Of course if it is connected with business and I know it to be secure then it is opened after a scan. Most of my files are zips.

Support OTB

Become a Patron

Popular Posts