The Web    Google
3/31: MyDoom-AI Worm Uses Email

3/31: MyDoom-AI Worm Uses Email
March 31, 2005

Similar to earlier MYDOOM variants, Worm_Mydoom.AI propagates via email messages. It also uses social engineering techniques by sending an email message that poses as a love letter. It sends the said email message using a spoofed sender's name.

This worm obtains target email addresses from files using specific extension names. It also generates email addresses by selecting a user name from its own list, and appends it to a selected domain name. It skips email addresses that contain certain strings.

The email message it sends has varying subjects, message body content, and attachment filenames. For specific details about this worm's email message, please click here.

Aside from email, this worm also attempts to propagate via the popular Peer-to-peer (P2P) file sharing network, Kazaa.

Technical details can be found at Trend Micro page.

  • Gates Sends Letter on Spam to Congress
  • It's Time to Talk Mobile Phone Security
  • 10/28: Agobot-NU a Worm and Backdoor
  • 12/9: Setclo-A Worm Carries Executable
  • CERT, ArcSight Partner With 3 Universities On Security Sharing
  • 4/29: Kelvir-D an IM Worm
  • AppRadar Supports Intrusion Detection for Enterprise Databases
  • 5/19: Webloin Trojan Downloads DLL File
  • 2/28: Rbot-UC a Worm and Trojan
  • 10/20: Mydoom-AA Worm Spreads Via Email
  • Sue a Spoofer Today
  • Security Camera Articles