Home » News » MyDoom worm is already 15 years old, but it is still active

MyDoom worm is already 15 years old, but it is still active

Experts from Palo Alto Networks published a report, according to which 15-year-old MyDoom worm (aka Novarg, Mimail and Shimg) is not just still “alive”, but even increases its activity.

MyDoom appeared in 2004 and is considered one of the most famous threats in the entire history of observations.

“While not as prominent as other malware families, MyDoom has remained relatively consistent during the past few years, averaging approximately 1.1 percent of all emails we see with malware attachments”, — report Palo Alto Networks specialists.

This worm became a real record for the speed of spreading and even managed to partially paralyze search engines (Google, Yahoo!, AltaVista and Lycos), and at the peak of activity, spam from MyDoom reduced world Internet traffic by 10 percent. At that time, MyDoom generated 16-25% of the total number of all letters in the world.

In 2011, McAfee experts recognized MyDoom as the most “expensive” malware in history: losses due to loss of productivity and cessation of trade due to virus infection during large spam campaigns eventually consisted $38 billion.

MyDoom email sample
MyDoom email sample

MyDoom is distributed through emails with malicious attachments. On each new infected machine, malware searches for new email addresses in various files, and then sends its copies to all detected addresses. At the same time, spam is masked, for example, under notifications about unsuccessful delivery of a message, or the subject of the letter may contain random characters and the words “hello”, “hi” and so on. It would seem that such methods are most primitive ones, but they are still working today. Thats why MyDoom worm still active.

READ  Graboid mining worm spreads through Docker containers

Read also: New BianLian Trojan spies on data entry in Android banking applications

Palo Alto Networks experts write that in the period from 2015 to 2018, about 1.1% of all emails with malicious attachments contained the MyDoom worm. The victims of such malicious mailings are companies from a wide variety of industries, ranging from high technology, wholesale and retail, to healthcare, education and manufacturing.

MyDoom statistics from 2015 through 2018
MyDoom statistics from 2015 through 2018

In the first half of 2019, MyDoom even demonstrated a small increase in the number of malware samples, as well as an increase in the number of malicious emails sent and received by victims. The main sources of such correspondence are the USA, China and the United Kingdom.

The researchers point out that in fact MyDoom is still active, completely autonomous. The worm can spread forever, as long as people continue to open e-mail attachments.

[Total: 0    Average: 0/5]

About Trojan Killer

Carry Trojan Killer Portable on your memory stick. Be sure that you’re able to help your PC resist any cyber threats wherever you go.

Check Also

MageCart on the Heroku Cloud Platform

Researchers Found Several MageCart Web Skimmers On Heroku Cloud Platform

Researchers at Malwarebytes reported about finding several MageCart web skimmers on the Heroku cloud platform …

Android Spyware CallerSpy

CallerSpy spyware masks as an Android chat application

Trend Micro experts discovered the malware CallerSpy, which masks as an Android chat application and, …

Leave a Reply