Google worm attack confirmed

Tuesday, 27 July 2004, 2:05 PM EST

The attack is in the form of a new variant of the MyDoom email worm, called MyDoom.O. It's currently propogating in the wild and has slowed performance at some afflicted search engines.

The worm was first detected on Monday. It arrives in email message attachments that, when opened, install the virus and open a back door that remote attackers can use to access infected machines. While similar to other versions of MyDoom, the O-variant is testing a new approach: using major search engines to harvest email addresses on Web domains that it discovers, slowing those sites, according to Johannes Ullrich, chief technology officer at The SANS Institute's Internet Storm Centre.

"The standard scheme is for viruses to look for email addresses in the Web cache," he said, referring to the store of previously visited Web pages stored on computer hard drives. But if MyDoom.O finds an email address, in addition to sending a copy of itself to the address, it also does a Web search on the Web domain and uses the search results to discover more addresses in that domain, according to Ullrich.

By Paul Roberts at Macworld.

[ Read more ]




Spotlight

The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Aug 29th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //