News Stay informed about the latest enterprise technology news and product updates.

Worm's creative attachment cons users

Mydoom-A proved itself to be a sneaky worm -- tricking even the savviest users.

The Mydoom-A worm skyrocketed across the Internet Tuesday, but it left many security managers scratching their...

heads about how an e-mail-attached executable could con so many users into opening it.

Even normally vigilant users could be induced into clicking on the seemingly innocuous social-engineered "text" file.

At its height Tuesday, Central Command reported more than 400,000 infected systems and said the worm accounted for one in nine e-mails.

"The name of the file looks like a text file, because it says 'txt' and is followed by 60 spaces and then one of a number of executables," said Brian Dunphy, senior manager of analysis operations for Symantec Managed Security Services. "The file name is simply too long to appear fully."

Also called Novarg and Mimail-R, the randomized e-mail and P2P worm spoofs addresses and includes subject lines that suggest a previous message had errors. Clicking the e-mail attachment can release an unwelcome payload.

"The worm is very aggressive; it can install an e-mail proxy server that could be used to further infection or be used by spammers, or it can install a remote backdoor Trojan that will allow unauthorized access," said Steven Sundermeier, VP of products and services at Central Command.

Was your organization infected or impacted in some other way? Please send us your stories at We will honor requests for anonymity.

Dig Deeper on Malware, virus, Trojan and spyware protection and removal

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.