BBC-World is saying that about 30% of all email is being generated by the MyDoom virus, the most virulent computer virus yet.
Well, I have a couple of three e-mail accounts on Hotmail and Yahoo. I have not gotten any specious messages with unusual attachments. Frankly, I feel sort of left out.
What’s the deal? Are these being intercepted before they get to me or what?
I don’t think they’re being intercepted - the worm did most of its replication before servers were taught to look for that particular variant, so with these things, antivirus tools (whether client or server based) are of limited use. The darn things spread so quickly that it’s impossible to stop them.
I myself have received several dozen, maybe 100 or so, of these messages. But my email address is fairly public. Maybe your email address is just not in the address book of anyone dumb enough to open executable email attachments?
What I don’t get is after all this time, why the hell would anyone open attachments like that? I mean, don’t people ever learn?
I’m getting roughly 40 a day. But then, I’ve got 6 websites that I maintain, each with their own email addresses. I just keep my finger poised over the delete button, and make sure my AV is updated daily.
I got four to my work e-mail account overnight, and I anticipate getting a few more today. Considering that during this time of year my work account usually gets maybe one or two e-mails a week… It hasn’t hit any of my personal e-mail accounts though, including the one that’s on the same domain as my work account.
600 unwanted messages yesterday in one mailbox, about 550 are the MyDoom. 95% of all my email is now spam or virus. The number has increased from a typical 300/day last week.
If you aren’t getting any, your ISP may be filtering them out. Also, the MyDoom virus generates an auxiliary list of recipients by concatenating a simple name list like “Bob,” “Joe,” and “Alice” to a random domain that it has found somewhere. Many of these generated names may not exist at most domains, but unfortunately they are accepted by mine (the original idea was to accept misspelled names rather than lose clients who couldn’t type accurately). This policy is going to have to change soon.
None on my various hotmail or yahoo accounts. Those are getting screened before we see them. I’ve gotten around four on my work email. My boss, who gets all of the mail to the domain not specifically addressed to me has gotten scores of them.
I use Yahoo! mail, and I’ve had a few, but they’re always shunted to my “Bulk” folder, meaning they know it’s spam, at least. I generally just delete stuff in my bulk folder outright anyway. So, it’s under control, AFAIC.
I have one of those “challenge” email filters, so I never see the email when viruses like this hit the net. I can dig through the filtered-out mail and I do see that I’ve gotten a lot of copies of MyDoom. But, none of them got past the filter.
Those are alternate names for the same worm, also called MiMail. When another version is spotted, anti-virus companies often append “.B” or “.C” as needed, so the Microsoft-targeted variant is called MiMail.B or MyDoom.B (The SCO-targeted version is .A). Sobig got up to .F before it ran its course.
I got maybe twenty of these at my work address between Monday and yesterday. Nothing at all today; I’m on a pretty robust corporate server, so no doubt we’ve adapted. Also nothing on my personal (web-based) accounts.
However, I also got a notice from our internal virus monitor that apparently I had sent out a batch of these. No idea how I got infected; I never open strange attachments (or let them show up in the preview pane) or otherwise engage in non-safe browsing. Cybercondoms for me all the way! And yet here I am, apparently, with the clicky-clap.
I started getting inundated with the attachments and bounced emails and realized that my personal-private-super-secret email had been harvested.
It was easy to narrow down whose computer was the culprit, and I informed him of what was going on. He cleaned up his computer (after it sent out 3000 emails!) and I haven’t had any naughty mail since.
My ISP has started blocking all the infected emails except the ones with .zip extensions, and I’m getting maybe 40 or 50 of these a day. This worm uses faked return addresses, however, interestingly a couple of them were “from” cecil@chicagoreader.com.
Your ISP had better read the tech description of the MyDoom; ZIP is just one of the several extensions it uses, and a ZIP version is just as deadly as any other if you have an automatic un-ZIPping program installed.
So were you actually infected? Or are you just assuming that you were based on the internal virus monitor? Strangely, filtering programs seem to be abysmally ignorant about header info. They often rely religiously on the more visible data instead of checking the more esoteric, detailed IPs which tell where something REALLY came from. If so, then you are being innocently accused by bad programming.
Cervaise, when one of your “friends” launched the worm program, it did the following:
Dug through your friend’s address books for email addresses.
Figured out where the mail server was.
Randomly picked **your** email address to use as the “From” field.
Started sending out emails to all the other poor suckers in your friend’s address books.
The problem is, the people writing anti-virus software haven’t addressed the fact that it’s easy to modify the “From” field in an email. So, they send you an email saying that you’re infected with a virus when you really aren’t. At the same time, your friend continues to be an unwitting host for the worm, and he is not being notified. Pretty clever, yes?
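As an added example (not from any poster in this thread): a Python check that does what the last two posts ask for, ignoring the forgeable From: line and instead taking the sending host from the Received: hop that our own mail server wrote. The message, host names and IPs are constructed; the set of "our" servers is an assumption you would replace with your own.

```python
import email
import re
from email import policy

# Constructed sample: a worm-style message with a forged From:, handed
# straight from an infected home PC to our relay, then to our MX.
SAMPLE_MESSAGE = """\
Received: from mail.example.test ([192.0.2.25]) by mx.example.test
\twith ESMTP id 1AbCdE; Tue, 27 Jan 2004 10:15:02 -0600
Received: from dsl-198-51-100-7.isp.example ([198.51.100.7]) by mail.example.test
\twith SMTP id 9ZyXwV; Tue, 27 Jan 2004 10:15:01 -0600
From: cecil@chicagoreader.com
To: user@example.test
Subject: hi

test
"""

# Assumed: the only hosts whose Received: lines we can trust are our own.
TRUSTED_HOSTS = {"mx.example.test", "mail.example.test"}

HOP_RE = re.compile(r"from\s+(\S+)\s+\(\[([\d.]+)\]\)\s+by\s+(\S+)", re.I)

def parse_hops(msg):
    """Received: headers, newest first, as (from_host, from_ip, by_host)."""
    hops = []
    for raw in msg.get_all("Received", []):
        m = HOP_RE.search(re.sub(r"\s+", " ", str(raw)))  # unfold header
        if m:
            hops.append((m.group(1).lower(), m.group(2), m.group(3).lower()))
    return hops

def origin_of(msg, trusted_hosts):
    """(host, ip) of the peer that handed the mail to our own servers."""
    for from_host, from_ip, by_host in parse_hops(msg):
        if by_host not in trusted_hosts:
            break  # written by someone else's server: just as forgeable as From:
        if from_host not in trusted_hosts:
            return from_host, from_ip
    return None  # every hop was internal, or no usable Received: line

def analyse(raw_message, trusted_hosts):
    msg = email.message_from_string(raw_message, policy=policy.default)
    hdr = msg.get("From")
    claimed = hdr.addresses[0].domain.lower() if hdr and hdr.addresses else ""
    origin = origin_of(msg, trusted_hosts)
    # The From: domain is only corroborated if the real sending host belongs to it.
    corroborated = bool(claimed) and origin is not None and origin[0].endswith(claimed)
    return {"claimed_from_domain": claimed, "origin": origin,
            "from_is_corroborated": corroborated}
```

An infection notice should go to whoever owns the origin IP, not to the address in From:.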