Virus Alert - "My Doom" Worm

  January 27, 2004


Yet another worm congests networks around the world

Warning! On Monday, January 26, 2004, a new internet worm dubbed “MyDoom” (also known as Novarg) began spreading rapidly across the globe. All indications are that it could be one of the worst internet threats in the past few years.

Unlike other worms or viruses, MyDoom has few identifiable characteristics and no specific pattern of files or email messages to which it attaches itself. Some versions of MyDoom emails have a subject header that says “Hi,” but other versions contain completely different greetings. The body text of some MyDoom emails says: “This message cannot be represented in 7-bit ASCII encoding and has been sent as a binary attachment.” However, other versions of these emails have body text that is complete gibberish, or none at all. In addition, the MyDoom worm hides inside several different types of email attachments, including files that end with the extensions “.bat,” “.cmd,” “.exe,” “.pif,” “.scr,” or “.zip.”

MyDoom is particularly threatening because it has the capability of installing a secret “keystroke” program onto the victim’s computer. This keystroke program allows the worm’s creators to record everything the victim types on his/her keyboard, such as credit card numbers, passwords, etc. In addition, MyDoom is programmed to carry out a denial of service attack on the official website for the SCO Group. Not only does a denial of service attack cause the targeted website to crash, but it also can generate a slowdown in global internet traffic.

As with any email that tries to persuade you to open its attachment, Geeks On Call strongly urges you not to open any file unless you are 100% positive that it is safe. The best way to protect yourself from infection by viruses, worms, or Trojan horses is to employ a three-pronged security approach: anti-virus software, a firewall, and the latest Windows security updates. First, you should install the most recent version of a respected anti-virus program, and keep its virus definitions updated on a weekly basis. Second, the use of a software-based firewall can help to keep you informed of any suspicious programs or Trojans that try to connect to the internet. Third, it is imperative to install the latest security updates and patches for the Windows operating system. Microsoft never sends Windows updates or security patches to anyone via email. The only place that you can safely download Windows updates and patches is at the official Microsoft Windows Update website, which is http://windowsupdate.microsoft.com.

For more information on viruses, firewalls, and other computer topics, please refer to the past editions of Geeks On Call’s customer newsletter (called “Geek-Speak”) which can be found at the Geeks’ website: www.geeksoncall.com. On this site you also can sign up to receive the newsletter, which is distributed via email every few months.

If you have accidentally opened a suspicious email attachment and you suspect that your computer is infected with the MyDoom worm, please call Geeks On Call immediately at 1-800-905-GEEK (1-800-905-4335).
 

     email: geeks@geeksoncall.com
     voice: 800-905-GEEK (4335)
     web: http://www.geeksoncall.com