This is the latest variant of the Mimail worm, which is able to spread much faster than the Sobig-F-worm that topped the dangerous virus last year. Mimail.R does not exploit software bugs that are designed to entice recipients to open attachments that run malicious programs in the file it carries. Depend on computers running Windows.
Vincent Gullotto, vice president of Network Associates' Rapid Response Team, said: "Mydoom is as fast as a missile. In the first hour, we received 19,500 e-mail messages, which were sent from 3,400 different Internet addresses. " According to Gullotto, many businesses have to shut down their e-mail gateways to prevent the spread of Mimail.R. "
Mimail.R comes with e-mail attachments with .exe, .scr, .zip, or .pif attachments with various themes and content such as: '' Mail Delivery System '', '' Test '' or '' Transaction Transaction ''. The content of the e-mail contains a file running .exe and a message type: '' Message contains Unicode characters and has been sent as a binary attachment ''.
When activated, the worm automatically sends itself to the e-mail addresses found in the user's mailbox. The purpose of this virus is to deceive the computer users are wary, denial of service attacks some websites, including the page www.sco.com of the Unix software manufacturer. In addition, it can be spread across the Kazaa file-sharing system.
In addition, Symantec also detected the keystroke log of Mimail.R. This function records the input information from the keyboard, including passwords, credit card numbers, etc., which helps to steal sensitive data.
At present, this virus has landed in Vietnam. Network Security Center of Hanoi University of Technology (BKIS) said it is working to release an update to stop the spread of Mimail.R. Experts recommend users to update to protect their systems and be careful when opening e-mails with attachments.
