Saturday, November 13, 2004

New Spammed Version of MyDoom Does Its Dirty Work with No Email Attachments

The newest version of the MyDoom virus stll misappropriates its victim’s computer, and downloads a malicious program to it which scrapes email addresses from the computer, and then spews spam to those addresses — but it does it all without the telltale email attachment which we have come to associate with email viruses.Far more insidiously, this version of MyDoom simply needs the victim to click on a link contained in the email, and then, exploiting one of the more recently discovered Internet Explorer security holes, the payload program is downloaded from a remote site, triggered by the click on the linke.The email containing the virus-bidding link is making the rounds in various forms, at least one of which appears to be an email from PayPal, and which tells the user ”
Congratulations! PayPal has successfully charged $175 to your credit card. Your order tracking number is A866DEC0, and your item will be shipped within three business days.

No comments: