The world's most expensive and long-lived malware — MyDoom
Greetings!

Today I’ll tell you a bit about a very interesting piece of malware called Mydoom, which has been operating on the internet since the ancient year of 2004.

MyDoom is a worm created to infect operating systems of the Windows family. The worm spreads via emails with malicious attachments, and the infection itself occurs when they are opened.

The size of the worm’s carrier file is about 28 kilobytes. During research into MyDoom, a text string was found inside its code: « sync-1.01; andy; I'm just doing my job, nothing personal, sorry ». Quite ironic and businesslike.

What MyDoom and its modifications are capable of upon infecting a PC:

Initially, the resources of SCO Group (at the time the owner of the Unix OS assets) and Microsoft were subjected to DDoS attacks. Incidentally, the companies actively cooperated with each other.

A funny fact — some companies suspected supporters of the Linux OS of creating the worm 😉 The arguments were SCO’s legal claims in attempts to license the use of the free GNU/Linux operating system. The company even offered a reward of 250 thousand dollars for information that would help catch the creators of MyDoom.

At the peak of its activity, spam coming from MyDoom reduced global internet traffic by 10%. At that time, MyDoom generated 16-25% of the total number of all emails in the world.

One of the main features of MyDoom is its persistence: the malware is still active across the global network to this day. Between 2015 and 2018, infected emails made up more than 1% of all email traffic on the internet.

In 2019, MyDoom even demonstrated a small increase in the number of malware samples, as well as an increase in the number of malicious emails.

Source: Xakep.ru

In 2011, experts at McAfee recognized MyDoom as the most «expensive» malware in history: the damage caused by the malware, through large spam campaigns aimed at reducing productivity and hindering trade at large and medium-sized companies, ultimately amounted to 38 billion dollars.

Here’s an example of an email with the worm:

Source: Xakep.ru

Researchers note that MyDoom is essentially fully self-sufficient and autonomous. The worm can spread forever, as long as people keep opening email attachments.

For a more detailed breakdown of the history of MyDoom’s activity, I recommend watching the video on YouTube:

Video from the channel: overbafer1

A funny coincidence?!

On the same day, before watching the video above, I received a strange email that looked a lot like MyDoom’s spam. The text of the email said that my email sent to such_and_such_address@yahoo.com had been blocked, along with some other gibberish with corrupted encoding. Except I hadn’t sent any emails to such an address. And I almost, once again, didn’t believe in the existence of reptilians ;).

MyDoom?

So there you go. Be vigilant and never open attachments from suspicious emails. The method of infection is as old as the world and is still relevant.

Thanks for reading 😉

Sources:

Copyright Notice

Author: Ivan Cherniy

Link: https://r4ven.me/en/interesting/samaya-dorogaya-i-zhivuchaya-v-mire-vredonosnaya-programma-mydoom/

License: CC BY-NC-SA 4.0

Blog materials may be used with attribution to the author and source, for non-commercial purposes, and under the same license.

Start searching

Enter keywords to search articles

↑↓
ESC
⌘K Shortcut