28 January 2004

MyDoom virus attack

There have been an unprecedent number of virus-laden emails travelling around the world since Monday.

This week's Windows virus attack, MyDoom or Novarg, is an attempt by the virus writer to set up an attack against the servers of a company called SCO. SCO is claiming it owns parts of the code for Linux and is requiring Linux vendors to pay SCO a licence fee.

MyDoom comes as an email attachment with one of seven subject lines, including Error, Hello, Mail delivery system, Status, Test, or even a randomly generated series of characters. When the attachment containing the virus code is opened it uses Notepad to display rubbish text, it searches for email addresses on the infected computer, and sends itself to those email addresses. The address from which the email containing the virus appears to have been sent is chosen randomly from the email addresses it finds on the infected computer, so if your email address has been used in this way you will receive messages saying for example that your email has bounced or it wasn't delivered because it contained a virus, when you didn't send the email in the first place.

For more information about the virus visit Computer Associates, F-Secure or Sophos.

If you have opened an attachment that you think may contain the virus, please shut down your computer and contact the comedu helpdesk immediately.