
Email-Worm.Win32.Mydoom.m

Posted: October 20, 2009

Threat Metric

Threat Level: 2/10
Infected PCs: 89
First Seen: August 6, 2013
OS(es) Affected: Windows

Email-Worm.Win32.Mydoom.m is a recently confirmed member of the Mydoom family of mass-mailer worms and includes the backdoor capabilities, DDoS functionality and spam-related attacks that are typical of that family. Current e-mail spam circulating Email-Worm.Win32.Mydoom.m is disguised as a mail delivery error message that references the victim's own e-mail service. These messages are designed to look identical to real delivery errors, with the notable exception of also including a malicious file attachment that installs Email-Worm.Win32.Mydoom.m. SpywareRemove.com malware researchers always encourage scanning potentially unsafe attachments before launching them, and warn that deleting Email-Worm.Win32.Mydoom.m, as with any high-level PC threat, should be undertaken with appropriate anti-malware software.

Email-Worm.Win32.Mydoom.m: a Doom Delivery Hiding Out as a Failed Real Delivery

Email-Worm.Win32.Mydoom.m e-mail messages are formatted to look like the usual automated mailer daemon messages that are indicative of a previously failed message. This generic warning can occur when you try to send an e-mail to a nonexistent address or suffer other problems that interfere with the successful delivery of an e-mail message. SpywareRemove.com malware researchers particularly stress that Email-Worm.Win32.Mydoom.m's fake mailer daemon alerts are applicable to all e-mail clients and services, and may target any given address regardless of what service is being used.

Unlike a legitimate mailer daemon error, Email-Worm.Win32.Mydoom.m's messages also include a file attachment that supposedly contains additional instructions. When opened, the EXE file infects your PC with Email-Worm.Win32.Mydoom.m, which will use your own PC's resources to continue spamming other potential victims. SpywareRemove.com malware experts also have noted several other attacks common to Email-Worm.Win32.Mydoom.m and the rest of its family:

  • Backdoor functions can let Email-Worm.Win32.Mydoom.m control your PC through a remote server. These backdoor attacks can be responsible for the theft of information, the installation of other malware and other diverse issues.
  • Email-Worm.Win32.Mydoom.m also may hijack your browser to block its access to security-related sites (such as Microsoft's domain). These browser hijacks use basic settings changes that can affect all browsers regardless of their brand or their internal settings.
  • Even your basic system resources will be plundered by Email-Worm.Win32.Mydoom.m and used to launch other attacks, as specified through the aforementioned backdoor. SpywareRemove.com malware experts also warn that, besides sending more spam e-mails to distribute copies of itself, Email-Worm.Win32.Mydoom.m may distribute itself through the Kazaa P2P client or launch botnet-based attacks against various websites.

A Happy Ending for a Not-So-Doomed Computer

Email-Worm.Win32.Mydoom.m may cause some system performance issues, but does not show any specific symptoms that victims could expect to detect visibly. SpywareRemove.com malware experts recommend the use of all relevant anti-malware utilities for blocking, detecting or deleting Email-Worm.Win32.Mydoom.m – especially since Email-Worm.Win32.Mydoom.m, like any well-coded worm, can create multiple copies of itself and hide them in multiple locations on your computer.

It also must be highlighted that the fake mailer daemon errors used by worms like Email-Worm.Win32.Mydoom.m are easily identifiable. Legitimate mailer errors will never instruct you to follow a link or open an attached file. Messages that appear to be mail errors but vary from the official format should always be considered malicious.
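
The check described above can be automated at a mail gateway or in a triage script. The following is an added example, not code from SpywareRemove.com: it flags bounce-style messages that carry an executable attachment of their own, and marks bounce-style messages that are not RFC 3464 delivery status notifications for review. The extension list, the sender and subject hints, the verdict names and the sample message are assumptions made for illustration.

```python
import email
from email import policy
from email.message import EmailMessage
from pathlib import PurePosixPath

# Assumed extension list; the page itself only names an EXE attachment.
EXEC_EXTS = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd"}
BOUNCE_FROM = ("mailer-daemon", "postmaster")              # assumed sender hints
BOUNCE_SUBJECT = ("deliver", "returned mail", "failure")   # assumed subject hints

def own_parts(msg):
    """Yield leaf parts of the notice itself, skipping any returned original."""
    if not msg.is_multipart():
        yield msg
        return
    for part in msg.iter_parts():
        # message/rfc822 and message/delivery-status belong to the report, not the notice
        if part.get_content_maintype() != "message":
            yield from own_parts(part)

def triage(raw: bytes) -> dict:
    msg = email.message_from_bytes(raw, policy=policy.default)
    sender = str(msg.get("From", "")).lower()
    subject = str(msg.get("Subject", "")).lower()
    bounce = (any(h in sender for h in BOUNCE_FROM)
              or any(h in subject for h in BOUNCE_SUBJECT))
    # RFC 3464 delivery status notifications are multipart/report messages.
    is_dsn = (msg.get_content_type() == "multipart/report"
              and str(msg.get_param("report-type", "")).lower() == "delivery-status")
    exes = [p.get_filename() for p in own_parts(msg)
            if p.get_filename()
            and PurePosixPath(p.get_filename().strip().lower()).suffix in EXEC_EXTS]
    if not bounce:
        verdict = "not-a-bounce"
    elif exes:
        verdict = "quarantine"      # a delivery error never needs its own executable
    elif not is_dsn:
        verdict = "review"          # bounce-like but not in the standard DSN format
    else:
        verdict = "ok"
    return {"verdict": verdict, "is_dsn": is_dsn, "executables": exes}

def sample_fake_bounce(filename="instructions.exe") -> bytes:
    """Constructed sample: bounce-style notice with a harmless 2-byte attachment."""
    m = EmailMessage()
    m["From"] = "Mail Delivery Subsystem <MAILER-DAEMON@example.org>"
    m["To"] = "user@example.org"
    m["Subject"] = "Delivery failure"
    m.set_content("Your message could not be delivered.")
    m.add_attachment(b"MZ", maintype="application", subtype="octet-stream", filename=filename)
    return m.as_bytes()

if __name__ == "__main__":
    print(triage(sample_fake_bounce()))
```

Some legitimate mail servers send bounces that are not RFC 3464 formatted, so the "review" verdict is a prompt for a closer look rather than proof of infection.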

Aliases

WORM_MYDOOM.GEN
W32/MyDoom-O
Email-Worm.Win32.Mydoom
Win32/MyDoom.worm.M