anchor link to jump to start of content

The Seattle Times Company NWclassifieds NWsource Nation/World Home delivery Contact us Search archives
Your account  Today's news index  Weather  Traffic  Movies  Restaurants  Today's events

Tuesday, January 27, 2004 - Page updated at 12:39 A.M.

Vicious e-mail 'worm' replicating quickly

By The Associated Press

E-mail E-mail this article
Print Print this article
Print Search archive

SAN JOSE, Calif. — Network administrators were working to stop a fast-spreading e-mail "worm" that looks like a normal error message but actually contains a malicious program that spreads itself and installs a program that leaves an open door to infected computers.

"As far as I can tell right now, it's pretty much everywhere on the planet," said Vincent Gullotto, vice president of security-software developer Network Associates' antivirus emergency response team.

The worm — called "Mydoom," "Novarg" or "WORM — MIMAIL.R" — was replicating itself so quickly that some corporate networks were clogged with infected traffic within hours of its appearance yesterday. Its mail engine could send out 100 infected e-mails in 30 seconds, experts said.

It runs on computers running Microsoft's Windows operating systems, though other computers were affected by slow networks and a flood of bogus messages.

"This has all the characteristics of being the next big one," said Steven Sundermeier, vice president of products and services for the security firm Central Command.

It appeared to first target large companies in the United States — and their computers' large address books — and quickly spread internationally, said David Perry, global director of education at the antivirus software firm Trend Micro.

Microsoft said yesterday it was not internally affected by the worm, although the company wouldn't say why it was immune to the outbreak. The worm does not exploit any of the company's product vulnerabilities, said Christopher Budd, a security program manager. "This is solely a social-engineering attack."

Besides sending out tainted e-mail, the program appears to open a back door so that hackers could take over the computer later. Symantec said the worm appeared to contain a program that logs keystrokes on infected machines. It could collect usernames and passwords of unsuspecting users and distribute them to strangers. But Network Associates did not find that program.

Seattle Times business reporter Kim Peterson contributed to this report.


Copyright © 2004 The Seattle Times Company

More nation & world headlines


Today Archive

Advanced search

advertising home
Home delivery | Contact us | Search archive | Site map | Low-graphic
NWclassifieds | NWsource | Advertising info | The Seattle Times Company


Back to topBack to top