Version: 2008
  • On MovieTome: First Look: Jessica Alba in 'Machete'!

February 16, 2005 10:40 PM PST

Updated MyDoom targets Google--again

By Munir Kotadia
Staff Writer, CNET News

  • 3 comments
Related Stories

Google's search for security

 December 22, 2004

Net worm using Google to spread

 December 21, 2004

Google, other engines hit by worm variant

 July 26, 2004

MyDoom variant slams mailboxes, search engines

 July 26, 2004

MyDoom virus declared worst ever

 January 29, 2004
Another variant of the MyDoom worm, which spreads by sending copies of itself using its own mail engine and harvesting potential e-mail targets from search engines such as Google and Yahoo, has started spreading quickly.

Last summer, a MyDoom variant pumped so many queries into Google that the search engine was unavailable or very slow for large periods of time. The same variant of MyDoom also succeeded in knocking a number of smaller search engines--including Lycos and Altavista--off the Web completely.

Antivirus firm Sophos said the latest MyDoom variant searches an infected computer's hard disk for e-mail addresses and then reverts to an Internet search. Interestingly, the worm tries to search the Internet for e-mail addresses in the infected computer's domain--effectively targeting all users from a specific company or service provider.

According to a Sophos advisory, the worm "will send a query to the search engine using domain names from e-mail addresses found on the hard disk and then examine the query results, searching for more addresses."

Sean Richmond, senior technical consultant at Sophos in Australia and New Zealand, said that the latest variant was first detected early Thursday in that region and that as long as people have updated their virus definitions it shouldn't cause much of a problem.

"We saw a spate of samples come through over the last day into our lab. By now a lot of companies are already blocking dodgy zip files and quite a few of the infected e-mails are automatically blocked as spam. It is spreading but everyone (including alternative antivirus companies) are on top of things," Richmond said.

Sophos said the worm will send 45 percent of its queries to Google, 22.5 percent to Lycos, 20 percent to Yahoo and 12.5 percent to Altavista.

Antivirus firms Sophos, Computer Associates and Symantec all agree that the worm is spreading quickly but is relatively simple to remove using their latest antivirus definitions.

Munir Kotadia of ZDNet Australia reported from Sydney.

See more CNET content tagged:
MyDoom virus, Sophos Plc., antivirus company, AltaVista Co., Lycos Inc.

Add a Comment (Log in or register) (3 Comments)
  • prev
  • 1
  • next
What systems are affected?
by wrwjpn February 17, 2005 2:33 AM PST
At least let the readers know what systems are affected?
Reply to this comment
Affected systems
by EENetminder February 17, 2005 8:42 AM PST
Windows. It's ALWAYS Windows.

From Symantec's website: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP
let the readers know
by Ubber geek June 7, 2007 1:37 PM PDT
http://www.analogstereo.com/mazda_miata_owners_manual.htm
(3 Comments)
  • prev
  • 1
  • next
advertisement

Latest tech news headlines

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

Markets

Market news, charts, SEC filings, and more

Related quotes

Dow Jones Industrials (0.43%) 44.29 10,291.26
S&P 500 (0.50%) 5.50 1,098.51
NASDAQ (0.74%) 15.82 2,166.90
CNET TECH (0.52%) 8.18 1,579.76
  Symbol Lookup
advertisement

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
Dell
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET