What Is MyDoom Malware? History, How It Works & Defence
Some people call MyDoom a virus. Some people call it a worm. Some people spell the term My Doom. Others just call it the Doom Virus.
No matter what you call it or how you spell it, MyDoom is serious. This tiny bit of code spreads from one computer to another via email attachments. If you get these messages and open their files, the program sits on your computer. Soon, everyone in your address book gets a message from your computer.
People became aware of MyDoom in 2004, and the attacks launched then have long since passed. But plenty of infected computers remain. So it’s wise to know how this worm works and how you can rid your computer of the code.
MyDoom virus development
In January and February of 2004, people all around the globe started getting mysterious email messages that said, "I'm just doing my job, nothing personal, sorry." Each email came with an attachment, and every time people checked their inboxes, they got another copy. The MyDoom virus was responsible.
MyDoom is a very effective worm made to create zombies out of hundreds of thousands of computers. Hackers could then use each hijacked machine to wage a denial-of-service (DoS) attack against a company they identified.
In 2004, no one knew who developed the code. Some felt that the MyDoom worm looked very similar to other worms developed in Russian labs. But suspicion isn't proof, and in the end, no one really knew who created this code or why they did so.
But experts agreed that MyDoom was dangerous. Reporters said the code was:
- Fast. No other virus had spread so quickly.
- Effective. MyDoom infected more than 500,000 machines in just one week.
- Expensive. Damage estimates reached $38.5 billion or more.
The virus took over host computers, and most cleanup reporting focused on what people needed to do to eliminate the code. But two companies were the real victims.
The first version of the worm used infected computers to bombard SCO Group with homepage requests. The company couldn't handle that kind of traffic, and the site crashed. After an hour of constant attack, the company changed website addresses altogether.
The second version of the worm did two things.
- Attack: Infected computers bombarded Microsoft's website.
- Protect: After the infection, computers couldn't access 65 antivirus websites. In essence, the worm kept people from cleaning up their computers.
Before hackers released MyDoom, experts knew that an attack like this was possible. But they had no idea what it would look like, how it would work, or how users could clean up their computers. They would learn all about