Security experts are warning internet users to update their antivirus systems to protect against yet another version of the Mydoom worm.
W32/Mydoom.s@MM, also known as Mydoom.s, has emerged as a new variant of the mass-mailing worm, and comes in the form of the .exe attachment, 'photos_arc.exe'.
Advertisement
McAfee's Avert antivirus team warned that it has received "well over 100 reports" of the virus within a three-hour span, mostly from Japan and Europe.
Like previous versions of the infection, Mydoom.s is a mass-mailing program that can automatically construct its own outgoing messages with spoofed 'from' fields to hide the origin of its email.
The worm's payload comes as an .exe file with a single name, which differs from many of the other Mydoom variants that tend to use multiple extensions.
Users should be very wary of email containing the following: From: (spoofed From: header) Subject: photos Body: LOL!;))))
The worm contains a remote access component of the virus, which listens for remote connections. In addition, Avert warned that the virus downloads a backdoor Trojan to the user's machine.
"Companies should educate their users to practise safe computing," said Graham Cluley, senior technology consultant for Sophos, in a statement.
"This includes never opening unsolicited email attachments and discouraging the sending and receiving of joke files, funny photographs and screensavers.
"This worm feeds on users' willingness to accept 'humorous' content on their desktop computers, but by doing this, they could be putting their entire company's data at risk."
Do you agree?
Have your say on this article