MyDoom.M strikes

/ / 0 Comments

Today was interesting. We had a few instances of MyDoom.M ferret their way into our organization. The worm is a pretty interesting beast. It goes out and looks for new addresses to send to on internet search engines such as Google.

It was responsible for knocking Google offline several times. And it searches for only addresses that match your company. For example, if your address is at mycompany.com, this thing searches for valid mycompany.com addresses. It then sends to those trusted email addresses. The social engineering aspect of it is pretty interesting.

Luckily it wasn’t hard to clean. I had to remove a couple of registry entries and then clean it up. Wasn’t too bad. I just shudder to think what will happen once these things truly go malicious and start deleting data.