MyDoom - PowerPoint PPT Presentation

Slides: 10
Provided by: A8369

Transcript and Presenter's Notes

Title: MyDoom


1
MyDoom
  • By
  • Philippe Bissohong

2
Background
  • MyDoom
  • W32.MyDoom@mm, Novarg, Mimail.R and Shimgapi
  • Computer worm: unlike a virus, it attacks a
    network and does not need to be attached to
    other software.
  • Discovered by Craig Schmugar, a McAfee employee.
  • Source unknown
  • Deliberate act of sabotage or vandalism against
    SCO Group
  • Most likely a Linux or open source supporter
    retaliating against SCO Group's lawsuit and public
    statement against Linux

3
TIMELINE
  • January 26, 2004: Fastest-spreading email worm.
  • February 1, 2004: With millions of computers
    affected, the distributed denial-of-service
    attack against SCO Group begins.
  • February 2, 2004: SCO Group moves its site to a
    different address.
  • February 3, 2004: Beginning of the distributed
    denial-of-service attack against Microsoft, but
    Microsoft remains functional.
  • February 12, 2004: MyDoom is programmed to stop
    spreading, but the infected files remain on your
    computer.
  • July 26, 2004: A MyDoom variant shuts down
    Google and slows down other search engines such as
    AltaVista and Lycos.

4
MALWARE
  • Program that sends a flood of traffic to a specific
    host for a period of time.
  • When executed, it copies itself into the Windows
    system folder, leaving a back door for hackers to
    remotely control your system.
  • Adds an entry in the registry so it is activated
    every time Windows starts up.
  • Blocks HTTP access to certain sites, such as Microsoft
    and popular antivirus sites, preventing updates
    to anti-virus software or downloads of
    removal tools.

5
TRANSMISSION
  • Mainly transmitted via email
  • From: a spoofed sender that looks like somebody you
    might know.
  • Subject: "Error", "Mail Delivery System", "Test"
    or "Mail Transaction Failed"
  • Message: blank or random error messages.
  • Includes an attachment.
  • If executed, steals your email addresses and also
    generates random email addresses to resend the worm.
  • Also transmitted through peer-to-peer (P2P) file
    sharing (Kazaa).
  • Sneaks into your shared folder in an effort to
    spread that way.
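
Added example, not part of the original slides: a mail-triage sketch that scores a raw message against the traits listed above (listed subject, attachment present, blank body). The hold policy, the `triage` and `build_sample` names, the addresses and the file names are assumptions made for illustration, and the sample messages are constructed.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Subject lines listed on the TRANSMISSION slide, lower-cased for comparison.
SLIDE_SUBJECTS = {"error", "mail delivery system", "test", "mail transaction failed"}

def triage(raw: bytes) -> dict:
    """Score one raw RFC 5322 message against the traits the slide lists."""
    msg = message_from_bytes(raw, policy=policy.default)
    # policy.default decodes RFC 2047 encoded-words; collapse whitespace as well.
    subject = " ".join(str(msg["Subject"] or "").split()).lower()
    attachments = [p.get_filename() or "(unnamed)" for p in msg.iter_attachments()]
    body_part = msg.get_body(preferencelist=("plain",))
    body = body_part.get_content().strip() if body_part else ""
    signals = {
        "subject_match": subject in SLIDE_SUBJECTS,
        "has_attachment": bool(attachments),
        "blank_body": body == "",
    }
    # Assumed policy: a listed subject alone is too common to act on ("Test"),
    # so hold the message only when it also carries an attachment.
    hold = signals["subject_match"] and signals["has_attachment"]
    return {"verdict": "hold" if hold else "deliver",
            "signals": signals, "attachments": attachments}

def build_sample(subject, body, attachment_name=None) -> bytes:
    """Build a harmless test message (constructed data, not a real sample)."""
    msg = EmailMessage()
    msg["From"] = "colleague@example.com"   # constructed address
    msg["To"] = "user@example.com"          # constructed address
    msg["Subject"] = subject
    msg.set_content(body)
    if attachment_name:
        msg.add_attachment(b"placeholder bytes", maintype="application",
                           subtype="octet-stream", filename=attachment_name)
    return msg.as_bytes()

if __name__ == "__main__":
    samples = [
        build_sample("Mail Transaction Failed", "\n", "document.zip"),
        build_sample("Test", "ping"),
        build_sample("Quarterly report", "See attached.", "report.pdf"),
    ]
    for raw in samples:
        print(triage(raw))
```

A spoofed sender cannot be judged from the message text alone, so the sketch leaves the From header out of the score.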

6
UNDER CONTROL
  • Various things were done to keep the attack under
    control
  • Alternative addresses were created by SCO Group
    and Microsoft.
  • Disinfection tools were created to detect and
    remove MyDoom.
  • Worm expired on its own after February 12.
  • Anti-virus vendors updated their software.
  • A 250,000 reward was offered for information leading
    to the worm's creator.

7
LESSON
  • Install and Enable a Firewall.
  • Install anti-virus software and keep it
    up to date.
  • Make sure your anti-virus checks every file that
    is opened.
  • Install security updates.
  • Never download, install or run an attachment
    unless you trust the sender.
  • When in doubt or already infected, seek help
    immediately.

8
SOURCES
  • F-Secure internet security
  • http://www.f-secure.com/v-descs/novarg.shtml
  • Wikipedia
  • http://en.wikipedia.org/wiki/Mydoom
  • Sophos
  • http://www.sophos.com/virusinfo/analyses/w32mydooma.html

9
THE END