MyDoom – It’s Killing Me

Maybe you’ve heard of the MyDoom virus. Maybe you’ve gotten one or two or dozens of virus payloads from it. Whatever you’re getting, feel my pain.

As the ‘owner’ of the domain geofffox.com, I make certain administrative decisions that decide how it’s run. For instance, if you send a message to me@geofffox.com, I get it. I also receive it if you send mail to you@geofffox.com… or any other possible email address here.

Actually, there are two exceptions. Years ago, I tagged a couple of email addresses onto some web pages I created: ivythedog@geofffox.com and vegas2000@geofffox.com. After those addresses got picked up on spammer lists, and I started getting lots and lots of trash emails, I routed them so they get thrown out before I ever see them. There was no real email to them anymore, so no loss.

Now, the MyDoom virus is using a ploy that works in a similar manner. As it attempts to replicate itself, infected computers are sending out untold emails to joe@geofffox.com, adam@geofffox.com, ted@geofffox.com and a few dozen other first names.

The idea is that at businesses, or at more normally run domains, some of those emails will get through to unwary Joes or Adams, and the virus will continue to spread.

After a short lull, this past week has seen an explosive growth at my mail server. I woke up this morning to 40 incoming virus payloads!

I really didn’t know too much about MyDoom so I went looking to see if I could figure it out, and what I’ve read is very scary. This virus is sophisticated. The payload is multifaceted. It is scheduled to shut itself down on February Th, though there will still be some active computers because of poorly set clocks and the like.

I have previously kvetched about the problems of our insecure email system. This is just another example.

There’s a deeper problem here. This virus replicates itself because of computer owners actually running the virus executable! No one does this on purpose (or few do). Mostly, it’s because naive computer users have the same privilege to execute files as more knowledgeable ones. And, they do so without regard, or liability, to those who will later be infected or affected.

I fear episodes like MyDoom are going to push us out of what will later be regarded as the golden age of open computing and into a much more restrictive period. Computers will be locked down. In the long run, that’s bad. Open computing has been a boon in advancing the functionality and usefulness of PCs.

Blogger’s addendum: I just added a few dozen filters, for each name used by MyDoom. Yes, it’s a pain in the butt, but it should (and already has) cut my spam back greatly. However, this garbage is still taking bandwidth, flying through the Internet, and is using resources on my host’s computers.
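The recipient handling described in this post, as an added example that is not part of the original post: it compares a catch-all domain with one that accepts only known mailboxes (a step beyond the per-name filters), and flags senders that try several distinct unknown names. The mailbox list, the threshold and the sample traffic are assumptions constructed for illustration.

```python
from collections import defaultdict

DOMAIN = "geofffox.com"
REAL_MAILBOXES = {"me"}               # assumption: the only mailbox really in use
DISCARD = {"ivythedog", "vegas2000"}  # the two addresses the post says are thrown out
PROBE_THRESHOLD = 3                   # assumption: distinct unknown names before flagging

def route(recipient, catch_all):
    """Return 'deliver', 'discard' or 'reject' for one recipient address."""
    local, _, domain = recipient.lower().rpartition("@")
    if domain != DOMAIN or not local:
        return "reject"               # wrong domain or malformed address
    if local in DISCARD:
        return "discard"              # accepted, then silently dropped
    if local in REAL_MAILBOXES or catch_all:
        return "deliver"              # a catch-all delivers every other name
    return "reject"

def summarize(messages, catch_all):
    """Count routing outcomes and list senders probing many unknown names."""
    outcomes = defaultdict(int)
    unknown_by_sender = defaultdict(set)
    for sender_ip, recipient in messages:
        outcomes[route(recipient, catch_all)] += 1
        local = recipient.lower().rpartition("@")[0]
        if local not in REAL_MAILBOXES | DISCARD:
            unknown_by_sender[sender_ip].add(local)
    probing = sorted(ip for ip, names in unknown_by_sender.items()
                     if len(names) >= PROBE_THRESHOLD)
    return dict(outcomes), probing

# Constructed sample traffic: (sending IP, recipient). IPs are documentation ranges.
SAMPLE = [
    ("192.0.2.10", "joe@geofffox.com"),
    ("192.0.2.10", "adam@geofffox.com"),
    ("192.0.2.10", "ted@geofffox.com"),
    ("198.51.100.7", "me@geofffox.com"),
    ("198.51.100.7", "ivythedog@geofffox.com"),
    ("203.0.113.5", "joe@geofffox.com"),
]

if __name__ == "__main__":
    for mode in (True, False):
        print("catch_all =", mode, summarize(SAMPLE, mode))
```

With the catch-all on, the first-name messages are all delivered; with it off, the same traffic is rejected while the real mailbox still receives its mail, and the probing sender is flagged in both cases.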

2 thoughts on “MyDoom – It’s Killing Me”

  1. Hey Geoff, your link for info on the MYDOOM took me to the McAfee site. Is this the virus protection you use for your system?

    I got a bad trojan a while back that wiped me out for days, and I know you do some research before buying programs, so I was wondering if you recommend McAfee and why?

    Norton caused a lot of problems on my system so I have kept away from that.

    Just curious.

    Thanks!

  2. I’d suggest never redirecting all addresses from your domain! There are spammers who try this kind of “dictionary attack” with thousands of email addresses. You won’t be happy if one morning you find 40,000 new spam messages in your inbox.

    (This was originally posted, but I didn’t understand what Ivan was saying, and deleted it. Actually, it makes perfect sense. My apologies. However, it is unlikely this domain would be chosen for a dictionary attack… I hope – Geoff)
