What Is This Virus REALLY All About?
Further to my outburst about how network administrators and anti-virus companies may be making the whole MyDoom thing worse, here’s a similar take, albeit more detailed and informed than mine, from Attrition.org. The message: Treat all emails ‘notifying’ you that you have a virus as spam and inform the administrator/company/ISP accordingly. Thanks to the excellent TechDirt for pointing this one out. CNET have a similar report, as does The Register.
My tuppennies’ worth? Sue anybody who accuses you of harbouring a virus. It’s defamation pure and simple.
Some other tidbits about the virus: It seemed to have originated in Russia, and may not actually contain an attack on SCO.com, so there’s a strong school of thought growing that all that SCO/Linux stuff is a ruse, and that the real purpose is a good old-fashioned Mafia-originating password-stealing scam. If so, it’s reassuring to know that a) the open source crowd haven’t gone bad and b) it’s still just about da money. Slashdotters discuss the matter here.
That said, there’s a lot about MyDoom we don’t know, and writing it off as a variation of earlier worms, I think, misses the point. Viruses may often be built on old ones, but it doesn’t mean they do the same thing. Microsoft Monitor calls it “one of the more sophisticated viruses in recent memory” and says antivirus companies are only starting to learn about what it may do.