New MyDoom Variation Over Google Attack

A new variant of the MyDoom virus has emerged. It spreads by using its own SMTP engine to send copies of itself to e-mail addresses obtained from search engines such as Google and Yahoo. This variant is spreading rapidly today, Feb. 17.

In August 2004, a MyDoom variant likewise sent countless queries to Google to search for email addresses to spread to, which made the search engine run extremely slowly or left it unable to operate for long periods. Another MyDoom variant also succeeded in "degrading" some less popular search engines, including Lycos and Altavista, while searching for email addresses.

Anti-virus vendor Sophos says the latest MyDoom variant collects every e-mail address on the hard drive of the victim's computer, and then turns to the Internet to look for more e-mail addresses through search engines. One very interesting detail: the worm tries to search the Internet for e-mail addresses in the domain of the computer it has gained access to. This mechanism lets it "shoot" very effectively at all mail users in the same company or service provider (whose email addresses have exactly the same part after the @).

According to Sophos's advisory, this worm sends queries to the search engines, using as keywords the domain names from the email addresses it finds on the victim machine's hard drive. It then analyzes the search results, and from there continues to find new email addresses to which it can be forwarded.

"This latest MyDoom variant was first discovered this morning," said Sean Richmond, senior technical consultant for Sophos in Australia and New Zealand. As soon as users upgrade their antivirus software, they will no longer be disturbed by the virus.

Sophos said the new MyDoom variant would send 45 percent of its queries to the Google search engine, 22.5 percent to Lycos, 20 percent to Yahoo and 12.5 percent to Altavista.

Security vendors Sophos, Computer Associates and Symantec all agree that the worm is spreading very quickly, but that it is easy to eliminate with the latest antivirus software updates.
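
The harvesting behaviour Sophos describes leaves a trace in web proxy logs: a single client sending domain-name keywords to several of the four search engines named above. The following Python is an added example, not part of the original article or any vendor's tooling; the log format, the thresholds, the sample lines and the assumption that the domain appears as a query-string value are all constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# The four search engines named in the article (matched by host suffix).
ENGINES = ("google.com", "lycos.com", "yahoo.com", "altavista.com")
# A token that looks like a domain name, e.g. "example.com".
DOMAIN_TOKEN = re.compile(r"\b[a-z0-9-]+(?:\.[a-z0-9-]+)*\.[a-z]{2,}\b", re.I)

# Constructed proxy log, assumed format: "<time> <client ip> <method> <url>".
SAMPLE_LOG = """\
2005-02-17T09:00:01 10.0.0.23 GET http://www.google.com/search?q=example.com
2005-02-17T09:00:02 10.0.0.23 GET http://search.lycos.com/default.asp?query=example.com
2005-02-17T09:00:02 10.0.0.23 GET http://search.yahoo.com/search?p=example.com
2005-02-17T09:00:03 10.0.0.23 GET http://www.altavista.com/web/results?q=example.com
2005-02-17T09:00:04 10.0.0.23 GET http://www.google.com/search?q=example.net
2005-02-17T09:00:05 10.0.0.23 GET http://www.google.com/search?q=mail+example.net
2005-02-17T09:01:10 10.0.0.40 GET http://www.google.com/search?q=weather+sydney
2005-02-17T09:03:45 10.0.0.40 GET http://www.google.com/search?q=python+tutorial
2005-02-17T09:05:00 10.0.0.51 GET http://www.google.com/search?q=example.org
"""

def engine_of(host):
    """Map a request hostname to one of ENGINES, or None."""
    for e in ENGINES:
        if host == e or host.endswith("." + e):
            return e
    return None

def suspicious_hosts(log_text, min_queries=5, min_engines=3):
    """Return {client: (count, engines)} for clients that send domain-like
    search keywords to several engines (thresholds are assumptions)."""
    stats = defaultdict(lambda: [0, set()])
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines
        _, client, _, url = parts
        u = urlsplit(url)
        engine = engine_of(u.hostname or "")
        if engine is None:
            continue
        if any(DOMAIN_TOKEN.search(v) for _, v in parse_qsl(u.query)):
            stats[client][0] += 1
            stats[client][1].add(engine)
    return {c: (n, sorted(e)) for c, (n, e) in stats.items()
            if n >= min_queries and len(e) >= min_engines}

if __name__ == "__main__":
    print(suspicious_hosts(SAMPLE_LOG))
```

A single user looking up one domain on one engine stays below both thresholds; only the client that fans domain keywords out across engines is flagged.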