Tuesday, July 17, 2012


 MyDoom worm virus


       The MyDoom worm was first discovered on January 26th, 2004. It goes by many different names depending on the anti-virus company, including Novarg, Shimg or Mimail. Similar to most worms, MyDoom manipulates the email system, which has caused many innocent users to be blamed for distributing it. What contributed to the wide spread of the worm was the numerous security alerts sent out by anti-virus vendors. The alerting issue arose from infected emails being detected by the Internet Service Provider or the anti-virus vendor's domain. Depending on an administrator's configuration, the anti-virus solution could send alerts to recipients and the alleged sender.

         The MyDoom worm started on the Kazaa file-sharing network and spread to e-mail networks. It can slow down an infected computer. MyDoom appears to have been commissioned by e-mail spammers to send junk e-mail through infected computers, and it can cause damage. It spreads through e-mail very fast and is capable of generating millions of infected e-mails in 24 hours, which makes MyDoom a very fast-spreading and recent virus. Like other viruses, MyDoom is dangerous, and because it spread so quickly through the e-mail system it also caused problems for Google and Microsoft.


How MyDoom is Distributed 
MyDoom distributes itself via email and the popular peer-to-peer network known as KaZaA. The email is typically spoofed with both a sender name and one of the following subject lines:
- Hi
- Hello
- Error
- Test
- Mail Delivery System
- Mail Transaction Failed
- Server Report Status
The file attachment comes with a .CMD, .EXE, .PIF or .SCR file extension, or it may come as an archived ZIP file.
The icon of the attachment may also appear to be associated with a .TXT file, though the attachment itself is executable. To hide its activity, MyDoom launches the Notepad application when executed, filling the victim's screen with random text characters. It then secretly drops an infected copy into the Windows System folder as an executable. MyDoom also searches the registry for KaZaA. If the program is installed, it drops an infected copy into the KaZaA shared folder using various executable extensions. This enables it to infect KaZaA users who download and unknowingly execute one of the files.
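
As an added example (not part of the original post), the following Python sketch shows how a mail gateway could check a message against the subject lines and attachment types listed above, including executables hidden inside a ZIP archive. The function names, the quarantine policy and the sample message builder are assumptions made for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Indicators listed in the article above.
SUBJECTS = {"hi", "hello", "error", "test", "mail delivery system",
            "mail transaction failed", "server report status"}
EXEC_EXTS = (".cmd", ".exe", ".pif", ".scr")

def is_executable_name(name):
    # Windows drops trailing dots and spaces, so strip them before comparing.
    return name.lower().rstrip(". ").endswith(EXEC_EXTS)

def scan_message(raw):
    """Return the reasons a raw RFC 5322 message matches the description."""
    msg = message_from_bytes(raw, policy=policy.default)
    subject = (msg["Subject"] or "").strip().lower()
    reasons = [f"subject:{subject}"] if subject in SUBJECTS else []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        if is_executable_name(name):
            reasons.append(f"attachment:{name}")
        elif name.lower().endswith(".zip"):
            data = part.get_payload(decode=True) or b""
            try:
                with zipfile.ZipFile(io.BytesIO(data)) as zf:
                    reasons.extend(f"zip-member:{name}!{m}"
                                   for m in zf.namelist() if is_executable_name(m))
            except zipfile.BadZipFile:
                reasons.append(f"unreadable-zip:{name}")  # fail closed
    return reasons

def quarantine(raw):
    # Assumed policy: subjects such as "Hi" are common in normal mail, so only
    # an executable (or unreadable) attachment triggers quarantine.
    return any(not r.startswith("subject:") for r in scan_message(raw))

def build_sample(subject, filename, payload):
    """Build a constructed test message; addresses are placeholders."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "a@example.com", "b@example.com", subject
    m.set_content("see attachment")
    m.add_attachment(payload, maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_bytes()

if __name__ == "__main__":
    sample = build_sample("Mail Transaction Failed", "readme.txt.scr", b"constructed")
    print(scan_message(sample), quarantine(sample))
```

The double extension in the constructed sample mirrors the article's point that the attachment can look like a text file while being executable.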

      
        MyDoom was instigated somewhere in mid 2004, and it actually prompted a US senator to propose the creation of a “National Virus Response Centre”. The virus attacked in two phases: the first phase infected different operating systems, creating inroads and backdoors and making them vulnerable to external users. Once this problem was sorted out, MyDoom struck again after a few months, this time targeting search engines like Google, slowing them down considerably and crashing a few.




Worm Removal
   Symantec recommends using a special removal tool to rid an infected system of this worm, as opposed to an anti-virus scanner. This is because MyDoom drops so many malicious files throughout the registry and the system itself.
