January 27, 2004
They're calling it the fastest-spreading virus in history -- and this time it's not Microsoft's (Nasdaq: MSFT ) fault.
The worm -- dubbed "Mydoom" by Network Associates (NYSE: NET ) and "Novarg" by Symantec (Nasdaq: SYMC ) -- is spreading via mass email and has clogged corporate networks worldwide. A Boeing (NYSE: BA ) spokesman told The Wall Street Journal that its system was shut down entirely. It was so bad that at one point yesterday some of us at Fool HQ were receiving over 100 per hour, and there were reports of other users getting hit with 1,000 per minute.
Mydoom will arrive in your inbox with various subject lines; among the most common are "Test," "Error," "Status," "hello," and "hi." Like others before it, the virus has the ability to "spoof" the sender address, so it may appear the email is coming from someone you know. It will have an attachment that it urges you to open. These attachments may have titles such as doc.bat, document.zip, message.zip, and readme.zip. Thus, the worm spreads by tricking users, not through a vulnerability in Microsoft's software.
Should the file be opened and run, it will copy itself to the Windows directory and leave a "backdoor" that could allow a hacker to gain control of the computer. Interestingly, after Feb. 1, the worm will change its behavior from mass mailing and will begin a denial of service attack against The SCO Group, according to Network Associates. SCO is likely being targeted because it claims copyright ownership to parts of the Linux open source operating system.
How can you avoid being infected by (and unwittingly spreading) Mydoom? "The best rule of thumb," says Joshua Brown, the Fool's chief security goon, "is never open an attachment, even if it appears to be from somebody you know, unless you are expecting an attachment from that person."
And always eat your vegetables.