Mydoom

Mydoom
Mydoom
	Example of a randomly generated file opened by Mydoom after execution
Type	Computer worm
Technical details
Platform	Windows 2000, Windows XP
Written in	C++
Discontinued	12 February 2004 (Mydoom.A); 1 March 2004 (Mydoom.B);

Preview warning: Page using Template:Infobox computer virus with unknown parameter "fullname"

Mydoom was a computer worm that targeted computers running Microsoft Windows. It was first sighted on January 26, 2004. It became the fastest-spreading e-mail worm ever, exceeding previous records set by the Sobig worm and ILOVEYOU, a record which as of 2024 has yet to be surpassed.^[1]

Mydoom appears to have been commissioned by e-mail spammers to send junk e-mail through infected computers.^[2] The worm contains the text message "Andy; I'm just doing my job, nothing personal, sorry," leading many to believe that the worm's creator was paid. Early on, several security firms expressed their belief that the worm originated from a programmer in Russia. The actual author of the worm is unknown.

The worm appeared to be a poorly sent e-mail, and most people who originally were e-mailed the worm ignored it, thinking it was spam. However, it eventually spread to infect at least 500 thousand computers across the globe.^[3]

Speculative early coverage held that the sole purpose of the worm was to perpetrate a distributed denial-of-service attack against SCO Group. 25 percent of Mydoom.A-infected hosts targeted SCO Group with a flood of traffic. Trade press conjecture, spurred on by SCO Group's own claims, held that this meant the worm was created by a Linux or open source supporter in retaliation for SCO Group's controversial legal actions and public statements against Linux. This theory was rejected immediately by security researchers. Since then, it has been likewise rejected by law enforcement agents investigating the virus, who attribute it to organized online crime gangs.

Mydoom was named by Craig Schmugar, an employee of computer security firm McAfee and one of the earliest discoverers of the worm. Schmugar chose the name after noticing the text "mydom" within a line of the program's code. He noted: "It was evident early on that this would be very big. I thought having 'doom' in the name would be appropriate."^[4]

^ "Security firm: MyDoom worm fastest yet". CNN.com. Time Warner. 2004-01-28. Archived from the original on 2007-11-14. Retrieved 2007-10-14.
^ Tiernan Ray (2004-02-18). "E-mail viruses blamed as spam rises sharply". The Seattle Times. The Seattle Times Company. Archived from the original on 2012-08-26. Retrieved 2004-02-19.
^ "Mydoom threat still high;Microsoft offers reward". NBC News. 26 January 2004. Archived from the original on August 5, 2021. Retrieved 2022-06-29.
^ "More Doom?". Newsweek. Washington Post Company. 2004-02-03. Archived from the original on 2009-03-02. Retrieved 2007-10-28.

[1] "Security firm: MyDoom worm fastest yet". CNN.com. Time Warner. 2004-01-28. Archived from the original on 2007-11-14. Retrieved 2007-10-14.

[2] Tiernan Ray (2004-02-18). "E-mail viruses blamed as spam rises sharply". The Seattle Times. The Seattle Times Company. Archived from the original on 2012-08-26. Retrieved 2004-02-19.

[3] "Mydoom threat still high;Microsoft offers reward". NBC News. 26 January 2004. Archived from the original on August 5, 2021. Retrieved 2022-06-29.

[4] "More Doom?". Newsweek. Washington Post Company. 2004-02-03. Archived from the original on 2009-03-02. Retrieved 2007-10-28.

[1]

[2]

[3]

[4]