Rusbiz Newsletter   Easy, low cost incorporations. Click Here.
HomeCategoriesArchiveAdvertisePrivacy StatementFeedbackAbout UsRusbiz Home
Ezine for online business community
   
SIGN UP
to receive the ezine
Your Name
*:
Your E-Mail*:

 
 
    BECOME A MEMBER of Rusbiz.com B2B portal for free! Members have access to a unique ecosystem of integrated and cost-effective business solutions.
Register
 

Send
 this newsletter
 to your friend
     
  Receiver's E-mail*:  
   
  Sender's Name*:  
   
   

  Network with like-minded business people.
Ask business related questions.
Help others in getting right answers.
Use brand new Rusbiz forum to publicize your opinion.

"Internet Success Private Site" has everything you need to succeed online! Click here for more information!

Rusbiz Services

 The 10 Natural Laws of Successful Time and Life Management: Increase Productivity and Inner Peace
Interactive Marketing Ezine: Your guide to generating online Success! Essential marketing methods and traffic-generating techniques! Plus: Weekly Free ads!
www.vectorcentral.com

 
 
 

computercourses1


Magazines of America






 
 

#26 [27.01.2004]
 

"MyDoom" virus and how to protect your computer from it

By Nowshade Kabir ©Rusbiz.com

"MyDoom" virus and how to protect your computer from it Remember the Sobig viruses of last year that wreaked havoc and caused significant financial damage to corporation world? Well, the first major virus of this year has potential to beat those attacks easily.

What is MyDoom?

The new virus, which is actually a more virulent variation of “Mimail” virus, is dubbed MyDoom by antivirus software maker Network Associates Inc. and "Novarg" by rival Symantec Corp.

The virus, first detected around 4PM EST Monday January 26, 2004, immediately started to create a mail storm through out the Internet. According to experts, MyDoom virus is capable of generating up to 8 million infected e-mails in the first 24 hours if it is not slowed down. This is twice as much as the amount produced by the Sobig.F virus, which at its peak last year generated around 3.5 million e-mails on the third day of its outbreak.

Within one hour of its first attack Network Associates itself received 19,500 e-mails bearing the virus from 3,400 unique Internet addresses.

How does it work?

MyDoom spreads itself similarly as any other email-borne virus. Unsuspected user after receiving infected email activates the virus by opening the attached file. As always the virus infiltrates only into Windows based PC. The attached file can be of any of these extensions: ".exe," ".scr," ".cmd" or ".pif".

Randomized subject line of the infected message can have the following texts among others: Mail Delivery system, Test, Server report, Hello, etc.

The body of the email shows one of the several texts, such as: "The message cannot be represented in 7-bit ASCII encoding and has been sent as a binary attachment,"; "The message contains Unicode characters and has been sent as a binary attachment."; and "Mail transaction failed. Partial message is available." The idea here is to trick users into opening the attachment. The opened attachment looks like a simple Notepad text file, which most of the people believe to be safe and incapable of carrying viruses.

Once a computer gets contaminated with MyDoom, the virus along with the Trojan embedded in it does the following things:

The virus resends itself using a built-in mailing program to e-mail addresses from the address book of the infected computer. It is capable to send out 100 infected email messages in 30 seconds to addresses stored in the computer. It also fakes the sender’s address and shows one of the e-mails randomly selected from the computer's address book. So it appears that the virus came from someone other than the person whose computer produced this email.

The virus also copies itself to the Kazaa download directory of the infected computer, on which the file-sharing program is loaded. The virus camouflages itself, using one of seven file names, including Winamp5, RootkitXP, Officecrack and Nuke2004. Kazaa is a file sharing program widely used by teens to share music among peers.

Our Services
  E-business Solutions Deal Management
  E-commerce Market Research
  Web Marketing Add products to E-catalog
  Web Stores Advertisement
  Web Design Packages Read More...

MyDoom also uses the domains of the emails addresses it finds in the infected computer to make up numerous email addresses in an attempt to spread itself. This tactic is commonly used by spammers and called “Dictionary Attack”.

Some experts claim that this virus also drops a file onto infected computer systems, collecting sensitive data such as passwords, user names and credit card information.

The infected e-mails are also programmed to start a denial of service attack on SCO, the controversial software group which claims that important components of the Linux open-source operating system violate its Unix copyrights. A Denial of Service Attack means in an attempt to shut down a server, thousands of emails are sent to one single address. The attack clogs the bandwidth and cripples the whole mailing system of the company and forces them to either turn off the server or change the domain name.

Finally, the virus also opens up communication ports of the infected computer, allowing a hacker to manipulate the machine remotely.

One hack of a virus, isn’t it?

What to do?

If you take the following steps, your computer will be virtually safe from any similar virus attacks:

  • Get an Antivirus program and install it in your computer.
  • Regularly update your Antivirus program.
  • Get a firewall and install it. A great free firewall that you can download and install is Zonealarm. You can download it from http://www.zonelabs.com/store/content/home.jsp
  • Regularly get patches for your version of Windows and update.
  • Use email filters similar to Eprompter. It gives you the ability to delete unwanted spam or suspicious looking mail, which might contain viruses. Get it free from http://www.eprompter.com
  • Scan your computer for viruses regularly. A great free tool that scans your computer remotely for viruses and eliminates them you can find at
    http://housecall.trendmicro.com/housecall/start_corp.asp

No doubt that Microsoft has to do a better job to protect us from this on going slaughter. However, until this happens, Windows users have to be more vigilant and do everything possible to protect their machines.


 
 
Send
 
   
   

  RSS logo  
  #79 [24 Jan 2007]
Are You Protected from Storm Worm?

 
  #78 [10 Nov 2006]
Increase sales with eCommerce 2.0

 
  #77 [15 Oct 2006]
Web 2.0 in eCommerce

 
  #76 [15 Sep 2006]
How to Use Internet in Your Export Business

 
  #75 [20 Aug 2006]
Six Reasons to Use a B2B Marketplace

 
 
Archive



Categories
Internet Business Ideas
E-business Development and Implementation
Internet Viruses and Scams
Online Promotion and Marketing
Business Management & Enterprise Applications
Motivational and Personal Development
Web Experience Enhancement



Related Articles
Are You Protected from Storm Worm?
Protect Your Computer from Latest Virus
Beware of Spyware
Be Aware of Phishing Scams!
"MyDoom" virus and how to protect your computer from it

 
Peter Bain Forex Trading Video Course

Tel3 Prepaid International Long Distance Calling

 
       
About the author
Nowshade Kabir is the founder, primary developer and present CEO of Rusbiz.com. A Ph. D. in Information Technology, he has wide experience in Business Consulting, International Trade and Web Marketing. Rusbiz is a Global B2B Emarketplace with solutions to start and run online business. Click here to contact him.