New MyDoom Worm Has No File, Just a URL, Exploits I.E. Hole   11/10/2004 - 1,777 views, 1 Comment

Summary: The newest version of MyDoom does not even have a file attached to it, making it look even less suspect, and less worm- or virus-like. Instead, it exploits one of the more recently discovered holes in Internet Explorer, through which clicking on a URL ...

Previous Article « Microsoft Takes Sender I.D.’s Case to the FTC Authentication Summit
Read Next Article » Transferring Domains No Longer Requires Consent - Registrars Advise That You Lock Your Domain

The newest version of MyDoom does not even have a file attached to it, making it look even less suspect, and less worm- or virus-like.

Instead, it exploits one of the more recently discovered holes in Internet Explorer, through which clicking on a URL can cause a file to be downloaded to the unsuspecting user’s computer. Once downloaded to the user’s machine, the file executes, harvests email addresses, and starts spewing spam from the user’s computer.

The MyDoom email spam is sometimes appearing to come from PayPal, bearing a message which says “Congratulations! PayPal has successfully charged $175 to your credit card. Your order tracking number is A866DEC0, and your item will be shipped within three business days.

“To see details please click this link.”

Of course, clicking the link causes the program to be downloaded to your machine.

Microsoft says that if you are using XP, and you have Service Pack 2 for XP installed, that you are at “reduced risk” (how comforting).

You can read more about this here.

Get FREE email alerts of new Internet Patrol stories!
    *We never share your email address with anyone

Email Address:
Date of first visit:
How you found us:

Be sure to watch for the confirmation email!

Subscribe to The Internet Patrol on your cell phone    Email the link for this page to a friend!

Read more:

»  Bad Enough it’s an Email Worm, Now MyDoom is Rude, Too

»  New Windows MyDoom Worm Searches and Destroys

»  Newest AIM Opanki Worm says “LOL Look at Him”

»  New Worm Variant Attacking Windows - New Sober Worm Bilingual

For additional similar stories check out our archives on Virus & AntiVirus, Windows, Worms

 

1 Comment »

  1. New MyDoom Worm Has No File, Just a URL, Exploits IE Hole
    The newest version of MyDoom does not even have a file attached to it, making it look even less suspect and less worm- or virus-like. Instead, it exploits one of the more recently discovered holes in Internet Explorer, through which…

    Trackback by Lockergnome's Windows Fanatics — 11/10/2004 @ 12:12 pm

RSS feed for comments on this post. TrackBack URI

Leave a comment

Warning! All comments which contain URLs and are clearly just spam to generate a link back to the URL will be deleted on sight. Don't bother wasting your time!

If you are going to include a URL in your comment,
please keep it under 25 characters in length,
or use TinyURL to shorten it before including it in your comment.

Line and paragraph breaks are automatic, your email address is never displayed.
HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

(required)

(required)


If you have not posted a comment here before, we apologize for having to ask you to enter the letters and numbers you see in the image above to validate your comment, but we are being attacked by thousands of comment form spams every day! You only need to do this once; once you have successfuly posted a comment here you will not be asked to do this again. Thank you for your understanding!

 
The Internet Patrol
Patrolling the Internet for You!